[FREEBSD:45F102CD-4456-11E0-9580-4061862B8C22] mozilla -- multiple vulnerabilities

Severity High

Affected Packages 8

CVEs 11

The Mozilla Project reports:

  MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
  MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
  MFSA 2011-03 Use-after-free error in JSON.stringify
  MFSA 2011-04 Buffer overflow in JavaScript upvarMap
  MFSA 2011-05 Buffer overflow in JavaScript atom map
  MFSA 2011-06 Use-after-free error using Web Workers
  MFSA 2011-07 Memory corruption during text run construction (Windows)
  MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
  MFSA 2011-09 Crash caused by corrupted JPEG image
  MFSA 2011-10 CSRF risk with plugins and 307 redirects

Package	Affected Version
pkg:freebsd/thunderbird	< 3.1.8
pkg:freebsd/seamonkey	> 2.0.*, < 2.0.12
pkg:freebsd/linux-thunderbird	< 3.1.8
pkg:freebsd/linux-seamonkey	> 2.0.*, < 2.0.12
pkg:freebsd/linux-firefox-devel	< 3.5.17
pkg:freebsd/linux-firefox	< 3.6.14,1
pkg:freebsd/libxul	> 1.9.2.*, < 1.9.2.14
pkg:freebsd/firefox	> 3.6.*,1, < 3.6.14,1

ID

FREEBSD:45F102CD-4456-11E0-9580-4061862B8C22

Severity

high

Severity from

CVE-2011-0053

URL

http://vuxml.freebsd.org/freebsd/45f102cd-4456-11e0-9580-4061862b8c22.html

Published

2011-03-01T00:00:00
(13 years ago)

Modified

2011-03-01T00:00:00
(13 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-01.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-02.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-03.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-04.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-05.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-06.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-07.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-08.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-09.html
FreeBSD VuXML			https://www.mozilla.org/security/announce/2011/mfsa2011-10.html

Type	Package URL	Name / Product	Version
Affected	pkg:freebsd/thunderbird	thunderbird	< 3.1.8
Affected	pkg:freebsd/seamonkey	seamonkey	> 2.0.* < 2.0.12
Affected	pkg:freebsd/linux-thunderbird	linux-thunderbird	< 3.1.8
Affected	pkg:freebsd/linux-seamonkey	linux-seamonkey	> 2.0.* < 2.0.12
Affected	pkg:freebsd/linux-firefox-devel	linux-firefox-devel	< 3.5.17
Affected	pkg:freebsd/linux-firefox	linux-firefox	< 3.6.14,1
Affected	pkg:freebsd/libxul	libxul	> 1.9.2.* < 1.9.2.14
Affected	pkg:freebsd/firefox	firefox	> 3.6.*,1 < 3.6.14,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date