FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
11.0,1 < firefox < 16.0.1,1
firefox < 10.0.9,1
linux-firefox < 10.0.9,1
linux-seamonkey < 2.13.1
linux-thunderbird < 10.0.9
seamonkey < 2.13.1
11.0 < thunderbird < 16.0.1
thunderbird < 10.0.9
1.9.2.* < libxul < 10.0.9

Details

VuXML ID 6e5a9afd-12d3-11e2-b47d-c8600054b392
Discovery 2012-10-09
Entry 2012-10-10
Modified 2012-10-11

The Mozilla Project reports:

MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)

MFSA 2012-75 select element persistance allows for attacks

MFSA 2012-76 Continued access to initial origin after setting document.domain

MFSA 2012-77 Some DOMWindowUtils methods bypass security checks

MFSA 2012-78 Reader Mode pages have chrome privileges

MFSA 2012-79 DOS and crash with full screen and history navigation

MFSA 2012-80 Crash with invalid cast when using instanceof operator

MFSA 2012-81 GetProperty function can bypass security checks

MFSA 2012-82 top object and location property accessible by plugins

MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties

MFSA 2012-84 Spoofing and script injection through location.hash

MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer

MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer

MFSA 2012-87 Use-after-free in the IME State Manager

MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)

MFSA 2012-89 defaultValue security checks not applied

[source]

References

CVE Name CVE-2012-3982
CVE Name CVE-2012-3983
CVE Name CVE-2012-3984
CVE Name CVE-2012-3985
CVE Name CVE-2012-3986
CVE Name CVE-2012-3987
CVE Name CVE-2012-3988
CVE Name CVE-2012-3989
CVE Name CVE-2012-3990
CVE Name CVE-2012-3991
CVE Name CVE-2012-3992
CVE Name CVE-2012-3993
CVE Name CVE-2012-3994
CVE Name CVE-2012-3995
CVE Name CVE-2012-4179
CVE Name CVE-2012-4180
CVE Name CVE-2012-4181
CVE Name CVE-2012-4182
CVE Name CVE-2012-4183
CVE Name CVE-2012-4184
CVE Name CVE-2012-4186
CVE Name CVE-2012-4187
CVE Name CVE-2012-4188
CVE Name CVE-2012-4190
CVE Name CVE-2012-4191
CVE Name CVE-2012-4192
CVE Name CVE-2012-4193
URL http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-75.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-76.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-77.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-78.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-79.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-80.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-81.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-82.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-83.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-84.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-85.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-86.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-87.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-88.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-89.html
URL http://www.mozilla.org/security/known-vulnerabilities/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.