[FREEBSD:2C2D1C39-1396-459A-91F5-CA03EE7C64C6] mozilla -- multiple vulnerabilities
Severity
High
Affected Packages
8
CVEs
21
The Mozilla Project reports:
MFSA 2015-134 Miscellaneous memory safety hazards
(rv:43.0 / rv:38.5)
MFSA 2015-135 Crash with JavaScript variable assignment
with unboxed objects
MFSA 2015-136 Same-origin policy violation using
perfomance.getEntries and history navigation
MFSA 2015-137 Firefox allows for control characters to be
set in cookies
MFSA 2015-138 Use-after-free in WebRTC when datachannel
is used after being destroyed
MFSA 2015-139 Integer overflow allocating extremely large
textures
MFSA 2015-140 Cross-origin information leak through web
workers error events
MFSA 2015-141 Hash in data URI is incorrectly parsed
MFSA 2015-142 DOS due to malformed frames in HTTP/2
MFSA 2015-143 Linux file chooser crashes on malformed
images due to flaws in Jasper library
MFSA 2015-144 Buffer overflows found through code
inspection
MFSA 2015-145 Underflow through code inspection
MFSA 2015-146 Integer overflow in MP4 playback in 64-bit
versions
MFSA 2015-147 Integer underflow and buffer overflow
processing MP4 metadata in libstagefright
MFSA 2015-148 Privilege escalation vulnerabilities in
WebExtension APIs
MFSA 2015-149 Cross-site reading attack through data and
view-source URIs
| Package | Affected Version |
|---|---|
 pkg:freebsd/thunderbird
|
< 38.5.0 |
|
pkg:freebsd/seamonkey
|
< 2.40 |
|
pkg:freebsd/linux-thunderbird
|
< 38.5.0 |
|
pkg:freebsd/linux-seamonkey
|
< 2.40 |
|
pkg:freebsd/linux-firefox
|
< 43.0,1 |
|
pkg:freebsd/libxul
|
< 38.5.0 |
|
pkg:freebsd/firefox-esr
|
< 38.5.0,1 |
|
pkg:freebsd/firefox
|
< 43.0,1 |
- ID
- FREEBSD:2C2D1C39-1396-459A-91F5-CA03EE7C64C6
- Severity
- high
- Severity from
- CVE-2015-7201
- URL
- http://vuxml.freebsd.org/freebsd/2c2d1c39-1396-459a-91f5-ca03ee7c64c6.html
- Published
-
2015-12-15T00:00:00
(8 years ago) - Modified
-
2015-12-15T00:00:00
(8 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
DSA-3422-1
ELSA-2015-2657
GLSA-201512-10
RHSA-2015:2657
SUSE-SU-2015:2334-1
USN-2833-1| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/thunderbird |
thunderbird
|
< 38.5.0 | ||||
| Affected | pkg:freebsd/seamonkey |
seamonkey
|
< 2.40 | ||||
| Affected | pkg:freebsd/linux-thunderbird |
linux-thunderbird
|
< 38.5.0 | ||||
| Affected | pkg:freebsd/linux-seamonkey |
linux-seamonkey
|
< 2.40 | ||||
| Affected | pkg:freebsd/linux-firefox |
linux-firefox
|
< 43.0,1 | ||||
| Affected | pkg:freebsd/libxul |
libxul
|
< 38.5.0 | ||||
| Affected | pkg:freebsd/firefox-esr |
firefox-esr
|
< 38.5.0,1 | ||||
| Affected | pkg:freebsd/firefox |
firefox
|
< 43.0,1 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |