FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
4.0,1 < firefox < 10.0.3,1
3.6.*,1 <= firefox < 3.6.28
linux-firefox < 10.0.3,1
linux-seamonkey < 2.8
linux-thunderbird < 10.0.3
seamonkey < 2.8
4.0 < thunderbird < 10.0.3
3.1.* < thunderbird < 3.1.20
1.9.2.* < libxul < 1.9.2.28

Details

VuXML ID a1050b8b-6db3-11e1-8b37-0011856a6e37
Discovery 2012-03-13
Entry 2012-03-14
Modified 2012-03-18

The Mozilla Project reports:

MFSA 2012-13 XSS with Drag and Drop and Javascript: URL

MFSA 2012-14 SVG issues found with Address Sanitizer

MFSA 2012-15 XSS with multiple Content Security Policy headers

MFSA 2012-16 Escalation of privilege with Javascript: URL as home page

MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification

MFSA 2012-18 window.fullScreen writeable by untrusted content

MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)

References

CVE Name CVE-2012-0451
CVE Name CVE-2012-0455
CVE Name CVE-2012-0456
CVE Name CVE-2012-0457
CVE Name CVE-2012-0458
CVE Name CVE-2012-0459
CVE Name CVE-2012-0460
CVE Name CVE-2012-0461
CVE Name CVE-2012-0462
CVE Name CVE-2012-0463
CVE Name CVE-2012-0464
URL http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-15.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-18.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-19.html