FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
11.0,1 < firefox < 17.0,1
firefox < 10.0.11,1
linux-firefox < 10.0.11,1
linux-seamonkey < 2.14
linux-thunderbird < 10.0.11
seamonkey < 2.14
11.0 < thunderbird < 17.0
thunderbird < 10.0.11
1.9.2.* < libxul < 10.0.11

Details

VuXML ID d23119df-335d-11e2-b64c-c8600054b392
Discovery 2012-11-20
Entry 2012-11-20

The Mozilla Project reports:

MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)

MFSA 2012-92 Buffer overflow while rendering GIF images

MFSA 2012-93 evalInSanbox location context incorrectly applied

MFSA 2012-94 Crash when combining SVG text on path with CSS

MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page

MFSA 2012-96 Memory corruption in str_unescape

MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox

MFSA 2012-98 Firefox installer DLL hijacking

MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment

MFSA 2012-100 Improper security filtering for cross-origin wrappers

MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset

MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges

MFSA 2012-103 Frames can shadow top.location

MFSA 2012-104 CSS and HTML injection through Style Inspector

MFSA 2012-105 Use-after-free and buffer overflow issues found

MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer

[source]

References

CVE Name CVE-2012-4201
CVE Name CVE-2012-4202
CVE Name CVE-2012-4203
CVE Name CVE-2012-4204
CVE Name CVE-2012-4205
CVE Name CVE-2012-4206
CVE Name CVE-2012-4207
CVE Name CVE-2012-4208
CVE Name CVE-2012-4209
CVE Name CVE-2012-4210
CVE Name CVE-2012-4212
CVE Name CVE-2012-4213
CVE Name CVE-2012-4214
CVE Name CVE-2012-4215
CVE Name CVE-2012-4216
CVE Name CVE-2012-4217
CVE Name CVE-2012-4218
CVE Name CVE-2012-5829
CVE Name CVE-2012-5830
CVE Name CVE-2012-5833
CVE Name CVE-2012-5835
CVE Name CVE-2012-5836
CVE Name CVE-2012-5837
CVE Name CVE-2012-5838
CVE Name CVE-2012-5839
CVE Name CVE-2012-5840
CVE Name CVE-2012-5841
CVE Name CVE-2012-5842
CVE Name CVE-2012-5843
URL http://www.mozilla.org/security/announce/2012/mfsa2012-100.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-101.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-102.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-103.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-104.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-105.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-106.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-90.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-91.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-92.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-93.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-94.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-95.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-96.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-97.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-98.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-99.html
URL http://www.mozilla.org/security/known-vulnerabilities/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.