https://www.mozilla.org/security/advisories/mfsa2020-06/

https://bugzilla.mozilla.org/show_bug.cgi?id=1606596

https://www.mozilla.org/security/advisories/mfsa2020-05/

GLSA-202003-02

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14290-1 advisory.

  - A content process could have modified shared memory relating to crash reporting information, crash itself,     and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable     crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5. (CVE-2020-6796)

  - By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary     application on the user's computer. The attacker is restricted as they are unable to download non-     quarantined files or supply command line arguments to the application, limiting the impact. Note: this     issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects     Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. (CVE-2020-6797)

  - If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and     execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer     a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email     in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in     browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox     < ESR68.5. (CVE-2020-6798)

  - Command line arguments could have been injected during Firefox invocation as a shell handler for certain     unsupported file types. This required Firefox to be configured as the default handler for a given file     type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL     data. In that situation, clicking a link in the third party application could have been used to retrieve     and execute files whose location was supplied through command line arguments. Note: This issue only     affects Windows operating systems and when Firefox is configured as the default handler for non-default     filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox <     ESR68.5. (CVE-2020-6799)

  - Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR     68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some     of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited     through email in the Thunderbird product because scripting is disabled when reading mail, but are     potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5,     Firefox < 73, and Firefox < ESR68.5. (CVE-2020-6800)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202003-02 (Mozilla Firefox: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Mozilla Firefox. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to view a specially crafted web       page, possibly resulting in the execution of arbitrary code with the       privileges of the process or a Denial of Service condition. Furthermore,       a remote attacker may be able to perform Man-in-the-Middle attacks,       obtain sensitive information, spoof the address bar, conduct clickjacking       attacks, bypass security restrictions and protection mechanisms, or have       other unspecified impact.
  Workaround :

    There is no known workaround at this time.

This update for MozillaFirefox fixes the following issues :

Firefox Extended Support Release 68.5.0 ESR

  - CVE-2020-6796 (bmo#1610426) Missing bounds check on     shared memory read in the parent process

  - CVE-2020-6797 (bmo#1596668) Extensions granted     downloads.open permission could open arbitrary     applications on Mac OSX

  - CVE-2020-6798 (bmo#1602944) Incorrect parsing of     template tag could result in JavaScript injection

  - CVE-2020-6799 (bmo#1606596) Arbitrary code execution     when opening pdf links from other applications, when     Firefox is configured as default pdf reader

  - CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543,     bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785)     Memory safety bugs fixed in Firefox 73 and Firefox ESR     68.5

  - Fixed: Fixed various issues opening files with spaces in     their path (bmo#1601905, bmo#1602726)

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for MozillaFirefox fixes the following issues :

Firefox Extended Support Release 68.5.0 ESR

  - Fixed: Various stability and security fixes

Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368)

  - CVE-2020-6796 (bmo#1610426) Missing bounds check on     shared memory read in the parent process

  - CVE-2020-6797 (bmo#1596668) Extensions granted     downloads.open permission could open arbitrary     applications on Mac OSX

  - CVE-2020-6798 (bmo#1602944) Incorrect parsing of     template tag could result in JavaScript injection

  - CVE-2020-6799 (bmo#1606596) Arbitrary code execution     when opening pdf links from other applications, when     Firefox is configured as default pdf reader

  - CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543,     bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785)     Memory safety bugs fixed in Firefox 73 and Firefox ESR     68.5

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for MozillaFirefox fixes the following issues :

  - Firefox Extended Support Release 68.5.0 ESR

  - Fixed: Various stability and security fixes

  - Mozilla Firefox ESR68.5 MFSA 2020-06 (bsc#1163368)

  - CVE-2020-6796 (bmo#1610426) Missing bounds check on     shared memory read in the parent process

  - CVE-2020-6797 (bmo#1596668) Extensions granted     downloads.open permission could open arbitrary     applications on Mac OSX

  - CVE-2020-6798 (bmo#1602944) Incorrect parsing of     template tag could result in JavaScript injection

  - CVE-2020-6799 (bmo#1606596) Arbitrary code execution     when opening pdf links from other applications, when     Firefox is configured as default pdf reader

  - CVE-2020-6800 (bmo#1595786, bmo#1596706, bmo#1598543,     bmo#1604851, bmo#1605777, bmo#1608580, bmo#1608785)     Memory safety bugs fixed in Firefox 73 and Firefox ESR     68.5

This update was imported from the SUSE:SLE-15:Update update project.

The version of Firefox installed on the remote Windows host is prior to 73.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-05 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Firefox installed on the remote Windows host is prior to 68.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-06 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

New mozilla-firefox packages are available for Slackware 14.2 and
-current to fix security issues.

ID	Name	Product	Family	Severity
150679	SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14290-1)	Nessus	SuSE Local Security Checks	high
134469	GLSA-202003-02 : Mozilla Firefox: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
133762	SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2020:0384-1)	Nessus	SuSE Local Security Checks	high
133761	SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2020:0383-1)	Nessus	SuSE Local Security Checks	high
133759	openSUSE Security Update : MozillaFirefox (openSUSE-2020-230)	Nessus	SuSE Local Security Checks	high
133693	Mozilla Firefox < 73.0	Nessus	Windows	high
133677	Mozilla Firefox ESR < 68.5 Multiple Vulnerabilities	Nessus	Windows	high
133642	Slackware 14.2 / current : mozilla-firefox (SSA:2020-042-01)	Nessus	Slackware Local Security Checks	high

CVE-2020-6799

high

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

CVSS v3

Vulnerable Software

Configuration 1

Tenable Plugins

high

critical

high

high

high

high

high

high