[FREEBSD:A1050B8B-6DB3-11E1-8B37-0011856A6E37] mozilla -- multiple vulnerabilities

Severity High

Affected Packages 7

CVEs 11

The Mozilla Project reports:

  MFSA 2012-13 XSS with Drag and Drop and Javascript: URL
  MFSA 2012-14 SVG issues found with Address Sanitizer
  MFSA 2012-15 XSS with multiple Content Security Policy headers
  MFSA 2012-16 Escalation of privilege with Javascript: URL as home page
  MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification
  MFSA 2012-18 window.fullScreen writeable by untrusted content
  MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)

Package	Affected Version
pkg:freebsd/thunderbird	> 4.0, < 10.0.3
pkg:freebsd/seamonkey	< 2.8
pkg:freebsd/linux-thunderbird	< 10.0.3
pkg:freebsd/linux-seamonkey	< 2.8
pkg:freebsd/linux-firefox	< 10.0.3,1
pkg:freebsd/libxul	> 1.9.2.*, < 1.9.2.28
pkg:freebsd/firefox	> 4.0,1, < 10.0.3,1

ID

FREEBSD:A1050B8B-6DB3-11E1-8B37-0011856A6E37

Severity

high

Severity from

CVE-2012-0457

URL

http://vuxml.freebsd.org/freebsd/a1050b8b-6db3-11e1-8b37-0011856a6e37.html

Published

2012-03-13T00:00:00
(12 years ago)

Modified

2012-03-14T00:00:00
(12 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-15.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-18.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2012/mfsa2012-19.html

Type	Package URL	Name / Product	Version
Affected	pkg:freebsd/thunderbird	thunderbird	> 4.0 < 10.0.3
Affected	pkg:freebsd/seamonkey	seamonkey	< 2.8
Affected	pkg:freebsd/linux-thunderbird	linux-thunderbird	< 10.0.3
Affected	pkg:freebsd/linux-seamonkey	linux-seamonkey	< 2.8
Affected	pkg:freebsd/linux-firefox	linux-firefox	< 10.0.3,1
Affected	pkg:freebsd/libxul	libxul	> 1.9.2.* < 1.9.2.28
Affected	pkg:freebsd/firefox	firefox	> 4.0,1 < 10.0.3,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date