[FREEBSD:29F5BFC5-CE04-11DD-A721-0030843D3802] mozilla -- multiple vulnerabilities

Severity High

Affected Packages 4

CVEs 13

The Mozilla Foundation reports:

  MFSA 2008-69  XSS vulnerabilities in SessionStore
  MFSA 2008-68  XSS and JavaScript privilege escalation
  MFSA 2008-67  Escaped null characters ignored by CSS parser
  MFSA 2008-66  Errors parsing URLs with leading whitespace and
    control characters
  MFSA 2008-65  Cross-domain data theft via script redirect error
    message
  MFSA 2008-64  XMLHttpRequest 302 response disclosure
  MFSA 2008-62  Additional XSS attack vectors in feed preview
  MFSA 2008-61  Information stealing via loadBindingDocument
  MFSA 2008-60  Crashes with evidence of memory corruption
    (rv:1.9.0.5/1.8.1.19)

Package	Affected Version
pkg:freebsd/thunderbird	< 2.0.0.18
pkg:freebsd/seamonkey	< 1.1.14
pkg:freebsd/linux-firefox	< 2.0.0.20
pkg:freebsd/firefox	> 3.*,1, < 2.0.0.20,1

ID

FREEBSD:29F5BFC5-CE04-11DD-A721-0030843D3802

Severity

high

Severity from

CVE-2008-5500

URL

http://vuxml.freebsd.org/freebsd/29f5bfc5-ce04-11dd-a721-0030843d3802.html

Published

2008-12-17T00:00:00
(15 years ago)

Modified

2008-12-19T00:00:00
(15 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-60.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-61.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-62.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-63.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-64.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-65.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-66.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-67.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-68.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2008/mfsa2008-69.html

Type	Package URL	Name / Product	Version
Affected	pkg:freebsd/thunderbird	thunderbird	< 2.0.0.18
Affected	pkg:freebsd/seamonkey	seamonkey	< 1.1.14
Affected	pkg:freebsd/linux-firefox	linux-firefox	< 2.0.0.20
Affected	pkg:freebsd/firefox	firefox	> 3.*,1 < 2.0.0.20,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date