[FREEBSD:6E5A9AFD-12D3-11E2-B47D-C8600054B392] mozilla -- multiple vulnerabilities
Severity
High
Affected Packages
7
CVEs
27
The Mozilla Project reports:
MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/
rv:10.0.8)
MFSA 2012-75 select element persistance allows for attacks
MFSA 2012-76 Continued access to initial origin after setting
document.domain
MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
MFSA 2012-78 Reader Mode pages have chrome privileges
MFSA 2012-79 DOS and crash with full screen and history navigation
MFSA 2012-80 Crash with invalid cast when using instanceof
operator
MFSA 2012-81 GetProperty function can bypass security checks
MFSA 2012-82 top object and location property accessible by
plugins
MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces
to privileged functions or properties
MFSA 2012-84 Spoofing and script injection through location.hash
MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds
read issues found using Address Sanitizer
MFSA 2012-86 Heap memory corruption issues found using Address
Sanitizer
MFSA 2012-87 Use-after-free in the IME State Manager
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
MFSA 2012-89 defaultValue security checks not applied
| Package | Affected Version |
|---|---|
 pkg:freebsd/thunderbird
|
> 11.0, < 16.0.1 |
|
pkg:freebsd/seamonkey
|
< 2.13.1 |
|
pkg:freebsd/linux-thunderbird
|
< 10.0.9 |
|
pkg:freebsd/linux-seamonkey
|
< 2.13.1 |
|
pkg:freebsd/linux-firefox
|
< 10.0.9,1 |
|
pkg:freebsd/libxul
|
> 1.9.2.*, < 10.0.9 |
|
pkg:freebsd/firefox
|
> 11.0,1, < 16.0.1,1 |
- ID
- FREEBSD:6E5A9AFD-12D3-11E2-B47D-C8600054B392
- Severity
- high
- Severity from
- CVE-2012-3983
- URL
- http://vuxml.freebsd.org/freebsd/6e5a9afd-12d3-11e2-b47d-c8600054b392.html
- Published
-
2012-10-09T00:00:00
(12 years ago) - Modified
-
2012-10-10T00:00:00
(12 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
ELSA-2012-1350
GLSA-201301-01
RHSA-2012:1350
USN-1600-1| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/thunderbird |
thunderbird
|
> 11.0 < 16.0.1 | ||||
| Affected | pkg:freebsd/seamonkey |
seamonkey
|
< 2.13.1 | ||||
| Affected | pkg:freebsd/linux-thunderbird |
linux-thunderbird
|
< 10.0.9 | ||||
| Affected | pkg:freebsd/linux-seamonkey |
linux-seamonkey
|
< 2.13.1 | ||||
| Affected | pkg:freebsd/linux-firefox |
linux-firefox
|
< 10.0.9,1 | ||||
| Affected | pkg:freebsd/libxul |
libxul
|
> 1.9.2.* < 10.0.9 | ||||
| Affected | pkg:freebsd/firefox |
firefox
|
> 11.0,1 < 16.0.1,1 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |