[FREEBSD:99029172-8253-407D-9D8B-2CFEAB9ABF81] mozilla -- multiple vulnerabilities
Severity
High
Affected Packages
8
CVEs
18
The Mozilla Project reports:
MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0
/ rv:31.5)
MFSA-2015-12 Invoking Mozilla updater will load locally
stored DLL files
MFSA-2015-13 Appended period to hostnames can bypass HPKP
and HSTS protections
MFSA-2015-14 Malicious WebGL content crash when writing
strings
MFSA-2015-15 TLS TURN and STUN connections silently fail
to simple TCP connections
MFSA-2015-16 Use-after-free in IndexedDB
MFSA-2015-17 Buffer overflow in libstagefright during MP4
video playback
MFSA-2015-18 Double-free when using non-default memory
allocators with a zero-length XHR
MFSA-2015-19 Out-of-bounds read and write while rendering
SVG content
MFSA-2015-20 Buffer overflow during CSS restyling
MFSA-2015-21 Buffer underflow during MP3 playback
MFSA-2015-22 Crash using DrawTarget in Cairo graphics
library
MFSA-2015-23 Use-after-free in Developer Console date
with OpenType Sanitiser
MFSA-2015-24 Reading of local files through manipulation
of form autocomplete
MFSA-2015-25 Local files or privileged URLs in pages can
be opened into new tabs
MFSA-2015-26 UI Tour whitelisted sites in background tab
can spoof foreground tabs
MFSA-2015-27 Caja Compiler JavaScript sandbox bypass
| Package | Affected Version |
|---|---|
 pkg:freebsd/thunderbird
|
< 31.5.0 |
|
pkg:freebsd/seamonkey
|
< 2.33 |
|
pkg:freebsd/linux-thunderbird
|
< 31.5.0 |
|
pkg:freebsd/linux-seamonkey
|
< 2.33 |
|
pkg:freebsd/linux-firefox
|
< 36.0,1 |
|
pkg:freebsd/libxul
|
< 31.5.0 |
|
pkg:freebsd/firefox-esr
|
< 31.5.0,1 |
|
pkg:freebsd/firefox
|
< 36.0,1 |
- ID
- FREEBSD:99029172-8253-407D-9D8B-2CFEAB9ABF81
- Severity
- high
- Severity from
- CVE-2015-0823
- URL
- http://vuxml.freebsd.org/freebsd/99029172-8253-407d-9d8b-2cfeab9abf81.html
- Published
-
2015-02-24T00:00:00
(9 years ago) - Modified
-
2015-02-27T00:00:00
(9 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
DSA-3174-1
ELSA-2015-0265
GLSA-201504-01
RHSA-2015:0265
SUSE-SU-2015:0412-1
USN-2505-1| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:freebsd/thunderbird |
thunderbird
|
< 31.5.0 | ||||
| Affected | pkg:freebsd/seamonkey |
seamonkey
|
< 2.33 | ||||
| Affected | pkg:freebsd/linux-thunderbird |
linux-thunderbird
|
< 31.5.0 | ||||
| Affected | pkg:freebsd/linux-seamonkey |
linux-seamonkey
|
< 2.33 | ||||
| Affected | pkg:freebsd/linux-firefox |
linux-firefox
|
< 36.0,1 | ||||
| Affected | pkg:freebsd/libxul |
libxul
|
< 31.5.0 | ||||
| Affected | pkg:freebsd/firefox-esr |
firefox-esr
|
< 31.5.0,1 | ||||
| Affected | pkg:freebsd/firefox |
firefox
|
< 36.0,1 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |