FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
		firefox	<	2.0.0.20,1
3.*,1	<	firefox	<	3.0.5,1
		linux-firefox	<	2.0.0.20
		linux-seamonkey	<	1.1.14
		seamonkey	<	1.1.14
		linux-thunderbird	<	2.0.0.18
		thunderbird	<	2.0.0.18

Details

VuXML ID	29f5bfc5-ce04-11dd-a721-0030843d3802
Discovery	2008-12-17
Entry	2008-12-19

The Mozilla Foundation reports:

MFSA 2008-69 XSS vulnerabilities in SessionStore

MFSA 2008-68 XSS and JavaScript privilege escalation

MFSA 2008-67 Escaped null characters ignored by CSS parser

MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters

MFSA 2008-65 Cross-domain data theft via script redirect error message

MFSA 2008-64 XMLHttpRequest 302 response disclosure

MFSA 2008-62 Additional XSS attack vectors in feed preview

MFSA 2008-61 Information stealing via loadBindingDocument

MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

[source]

References

CVE Name	CVE-2008-5500
CVE Name	CVE-2008-5501
CVE Name	CVE-2008-5502
CVE Name	CVE-2008-5503
CVE Name	CVE-2008-5504
CVE Name	CVE-2008-5505
CVE Name	CVE-2008-5506
CVE Name	CVE-2008-5507
CVE Name	CVE-2008-5508
CVE Name	CVE-2008-5510
CVE Name	CVE-2008-5511
CVE Name	CVE-2008-5512
CVE Name	CVE-2008-5513
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-62.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
URL	http://www.mozilla.org/security/announce/2008/mfsa2008-69.html