[FREEBSD:C4F067B9-DC4A-11DF-8E32-000F20797EDE] mozilla -- multiple vulnerabilities

Severity High

Affected Packages 6

CVEs 12

The Mozilla Project reports:

  MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
  MFSA 2010-65 Buffer overflow and memory corruption using document.write
  MFSA 2010-66 Use-after-free error in nsBarProp
  MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
  MFSA 2010-68 XSS in gopher parser when parsing hrefs
  MFSA 2010-69 Cross-site information disclosure via modal calls
  MFSA 2010-70 SSL wildcard certificate matching IP addresses
  MFSA 2010-71 Unsafe library loading vulnerabilities
  MFSA 2010-72 Insecure Diffie-Hellman key exchange

Package	Affected Version
pkg:freebsd/thunderbird	< 3.0.9
pkg:freebsd/seamonkey	> 2.0.*, < 2.0.9
pkg:freebsd/linux-firefox-devel	< 3.5.14
pkg:freebsd/linux-firefox	< 3.6.11,1
pkg:freebsd/libxul	> 1.9.2.*, < 1.9.2.11
pkg:freebsd/firefox	> 3.6.*,1, < 3.6.11,1

ID

FREEBSD:C4F067B9-DC4A-11DF-8E32-000F20797EDE

Severity

high

Severity from

CVE-2010-3174

URL

http://vuxml.freebsd.org/freebsd/c4f067b9-dc4a-11df-8e32-000f20797ede.html

Published

2010-10-19T00:00:00
(14 years ago)

Modified

2010-10-20T00:00:00
(14 years ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-64.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-68.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-69.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
FreeBSD VuXML			http://www.mozilla.org/security/announce/2010/mfsa2010-72.html

Type	Package URL	Name / Product	Version
Affected	pkg:freebsd/thunderbird	thunderbird	< 3.0.9
Affected	pkg:freebsd/seamonkey	seamonkey	> 2.0.* < 2.0.9
Affected	pkg:freebsd/linux-firefox-devel	linux-firefox-devel	< 3.5.14
Affected	pkg:freebsd/linux-firefox	linux-firefox	< 3.6.11,1
Affected	pkg:freebsd/libxul	libxul	> 1.9.2.* < 1.9.2.11
Affected	pkg:freebsd/firefox	firefox	> 3.6.*,1 < 3.6.11,1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date