[FREEBSD:1D8FF4A2-0445-11E0-8E32-000F20797EDE] mozilla -- multiple vulnerabilities

Severity High

Affected Packages 8

CVEs 13

The Mozilla Project reports:

  MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
  MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
  MFSA 2010-76 Chrome privilege escalation with window.open and isindex element
  MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
  MFSA 2010-78 Add support for OTS font sanitizer
  MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
  MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
  MFSA 2010-81 Integer overflow vulnerability in NewIdArray
  MFSA 2010-82 Incomplete fix for CVE-2010-0179
  MFSA 2010-83 Location bar SSL spoofing using network error page
  MFSA 2010-84 XSS hazard in multiple character encodings

Package	Affected Version
pkg:freebsd/thunderbird	< 3.0.11
pkg:freebsd/seamonkey	> 2.0.*, < 2.0.11
pkg:freebsd/linux-thunderbird	< 3.1.7
pkg:freebsd/linux-seamonkey	> 2.0.*, < 2.0.11
pkg:freebsd/linux-firefox-devel	< 3.5.16
pkg:freebsd/linux-firefox	< 3.6.13,1
pkg:freebsd/libxul	> 1.9.2.*, < 1.9.2.13
pkg:freebsd/firefox	> 3.6.*,1, < 3.6.13,1

ID

FREEBSD:1D8FF4A2-0445-11E0-8E32-000F20797EDE

Severity

high

Severity from

CVE-2010-3766

URL

http://vuxml.freebsd.org/freebsd/1d8ff4a2-0445-11e0-8e32-000f20797ede.html

Published

2010-12-09T00:00:00
(13 years ago)

Modified

2010-12-10T00:00:00
(13 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-74.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-75.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-76.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-77.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-78.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-79.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-80.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-81.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-82.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-83.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-84.html

Type	Package URL	Name / Product	Version
Affected	pkg:freebsd/thunderbird	thunderbird	< 3.0.11
Affected	pkg:freebsd/seamonkey	seamonkey	> 2.0.* < 2.0.11
Affected	pkg:freebsd/linux-thunderbird	linux-thunderbird	< 3.1.7
Affected	pkg:freebsd/linux-seamonkey	linux-seamonkey	> 2.0.* < 2.0.11
Affected	pkg:freebsd/linux-firefox-devel	linux-firefox-devel	< 3.5.16
Affected	pkg:freebsd/linux-firefox	linux-firefox	< 3.6.13,1
Affected	pkg:freebsd/libxul	libxul	> 1.9.2.* < 1.9.2.13
Affected	pkg:freebsd/firefox	firefox	> 3.6.*,1 < 3.6.13,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date