[FREEBSD:99029172-8253-407D-9D8B-2CFEAB9ABF81] mozilla -- multiple vulnerabilities
Severity
High
Affected Packages
8
CVEs
18
The Mozilla Project reports:
MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0
/ rv:31.5)
MFSA-2015-12 Invoking Mozilla updater will load locally
stored DLL files
MFSA-2015-13 Appended period to hostnames can bypass HPKP
and HSTS protections
MFSA-2015-14 Malicious WebGL content crash when writing
strings
MFSA-2015-15 TLS TURN and STUN connections silently fail
to simple TCP connections
MFSA-2015-16 Use-after-free in IndexedDB
MFSA-2015-17 Buffer overflow in libstagefright during MP4
video playback
MFSA-2015-18 Double-free when using non-default memory
allocators with a zero-length XHR
MFSA-2015-19 Out-of-bounds read and write while rendering
SVG content
MFSA-2015-20 Buffer overflow during CSS restyling
MFSA-2015-21 Buffer underflow during MP3 playback
MFSA-2015-22 Crash using DrawTarget in Cairo graphics
library
MFSA-2015-23 Use-after-free in Developer Console date
with OpenType Sanitiser
MFSA-2015-24 Reading of local files through manipulation
of form autocomplete
MFSA-2015-25 Local files or privileged URLs in pages can
be opened into new tabs
MFSA-2015-26 UI Tour whitelisted sites in background tab
can spoof foreground tabs
MFSA-2015-27 Caja Compiler JavaScript sandbox bypass
Package | Affected Version |
---|---|
pkg:freebsd/thunderbird | < 31.5.0 |
pkg:freebsd/seamonkey | < 2.33 |
pkg:freebsd/linux-thunderbird | < 31.5.0 |
pkg:freebsd/linux-seamonkey | < 2.33 |
pkg:freebsd/linux-firefox | < 36.0,1 |
pkg:freebsd/libxul | < 31.5.0 |
pkg:freebsd/firefox-esr | < 31.5.0,1 |
pkg:freebsd/firefox | < 36.0,1 |
- ID
- FREEBSD:99029172-8253-407D-9D8B-2CFEAB9ABF81
- Severity
- high
- Severity from
- CVE-2015-0823
- URL
- http://vuxml.freebsd.org/freebsd/99029172-8253-407d-9d8b-2cfeab9abf81.html
- Published
-
2015-02-24T00:00:00
(9 years ago) - Modified
-
2015-02-27T00:00:00
(9 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/thunderbird | thunderbird | < 31.5.0 | ||||
Affected | pkg:freebsd/seamonkey | seamonkey | < 2.33 | ||||
Affected | pkg:freebsd/linux-thunderbird | linux-thunderbird | < 31.5.0 | ||||
Affected | pkg:freebsd/linux-seamonkey | linux-seamonkey | < 2.33 | ||||
Affected | pkg:freebsd/linux-firefox | linux-firefox | < 36.0,1 | ||||
Affected | pkg:freebsd/libxul | libxul | < 31.5.0 | ||||
Affected | pkg:freebsd/firefox-esr | firefox-esr | < 31.5.0,1 | ||||
Affected | pkg:freebsd/firefox | firefox | < 36.0,1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |