FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
3.6.*,1	<	firefox	<	3.6.11,1
3.5.*,1	<	firefox	<	3.5.14,1
1.9.2.*	<	libxul	<	1.9.2.11
		linux-firefox	<	3.6.11,1
		linux-firefox-devel	<	3.5.14
2.0.*	<	seamonkey	<	2.0.9
3.0	<=	thunderbird	<	3.0.9
3.1	<=	thunderbird	<	3.1.5

Details

VuXML ID	c4f067b9-dc4a-11df-8e32-000f20797ede
Discovery	2010-10-19
Entry	2010-10-20

The Mozilla Project reports:

MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)

MFSA 2010-65 Buffer overflow and memory corruption using document.write

MFSA 2010-66 Use-after-free error in nsBarProp

MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter

MFSA 2010-68 XSS in gopher parser when parsing hrefs

MFSA 2010-69 Cross-site information disclosure via modal calls

MFSA 2010-70 SSL wildcard certificate matching IP addresses

MFSA 2010-71 Unsafe library loading vulnerabilities

MFSA 2010-72 Insecure Diffie-Hellman key exchange

[source]

References

CVE Name	CVE-2010-3170
CVE Name	CVE-2010-3173
CVE Name	CVE-2010-3174
CVE Name	CVE-2010-3175
CVE Name	CVE-2010-3176
CVE Name	CVE-2010-3177
CVE Name	CVE-2010-3178
CVE Name	CVE-2010-3179
CVE Name	CVE-2010-3180
CVE Name	CVE-2010-3181
CVE Name	CVE-2010-3182
CVE Name	CVE-2010-3183
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-64.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-68.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-69.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-72.html