FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
3.6.*,1 < firefox < 3.6.7,1
3.5.*,1 < firefox < 3.5.11,1
linux-firefox < 3.6.7,1
linux-firefox-devel < 3.5.11
2.0.* < seamonkey < 2.0.6
3.0 <= thunderbird < 3.0.6

Details

VuXML ID 8c2ea875-9499-11df-8e32-000f20797ede
Discovery 2010-07-20
Entry 2010-07-21

The Mozilla Project reports:

MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)

MFSA 2010-35 DOM attribute cloning remote code execution vulnerability

MFSA 2010-36 Use-after-free error in NodeIterator

MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability

MFSA 2010-38 Arbitrary code execution using SJOW and fast native function

MFSA 2010-39 nsCSSValue::Array index integer overflow

MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability

MFSA 2010-41 Remote code execution using malformed PNG image

MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts

MFSA 2010-43 Same-origin bypass using canvas context

MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish

MFSA 2010-45 Multiple location bar spoofing vulnerabilities

MFSA 2010-46 Cross-domain data theft using CSS

MFSA 2010-47 Cross-origin data leakage from script filename in error messages

[source]

References

CVE Name CVE-2010-0654
CVE Name CVE-2010-1205
CVE Name CVE-2010-1206
CVE Name CVE-2010-1207
CVE Name CVE-2010-1208
CVE Name CVE-2010-1209
CVE Name CVE-2010-1210
CVE Name CVE-2010-1211
CVE Name CVE-2010-1212
CVE Name CVE-2010-1213
CVE Name CVE-2010-1214
CVE Name CVE-2010-1215
CVE Name CVE-2010-2751
CVE Name CVE-2010-2752
CVE Name CVE-2010-2753
CVE Name CVE-2010-2754
URL http://www.mozilla.org/security/announce/2010/mfsa2010-34.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-35.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-36.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-37.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-38.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-39.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-40.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-41.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-42.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-43.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-45.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-46.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-47.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.