FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
11.0,1 < firefox < 12.0,1
firefox < 10.0.4,1
linux-firefox < 10.0.4,1
linux-seamonkey < 2.9
linux-thunderbird < 10.0.4
seamonkey < 2.9
11.0 < thunderbird < 12.0
thunderbird < 10.0.4
1.9.2.* < libxul < 10.0.4

Details

VuXML ID 380e8c56-8e32-11e1-9580-4061862b8c22
Discovery 2012-04-24
Entry 2012-04-24

The Mozilla Project reports:

MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)

MFSA 2012-21 Multiple security flaws fixed in FreeType v2.4.9

MFSA 2012-22 use-after-free in IDBKeyRange

MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface

MFSA 2012-24 Potential XSS via multibyte content processing errors

MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite

MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error

MFSA 2012-27 Page load short-circuit can lead to XSS

MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions

MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues

MFSA 2012-30 Crash with WebGL content using textImage2D

MFSA 2012-31 Off-by-one error in OpenType Sanitizer

MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors

MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds

[source]

References

CVE Name CVE-2011-1187
CVE Name CVE-2011-3062
CVE Name CVE-2012-0467
CVE Name CVE-2012-0468
CVE Name CVE-2012-0469
CVE Name CVE-2012-0470
CVE Name CVE-2012-0471
CVE Name CVE-2012-0472
CVE Name CVE-2012-0473
CVE Name CVE-2012-0474
CVE Name CVE-2012-0475
CVE Name CVE-2012-0477
CVE Name CVE-2012-0478
CVE Name CVE-2012-0479
CVE Name CVE-2012-1126
CVE Name CVE-2012-1127
CVE Name CVE-2012-1128
CVE Name CVE-2012-1129
CVE Name CVE-2012-1130
CVE Name CVE-2012-1131
CVE Name CVE-2012-1132
CVE Name CVE-2012-1133
CVE Name CVE-2012-1134
CVE Name CVE-2012-1135
CVE Name CVE-2012-1136
CVE Name CVE-2012-1137
CVE Name CVE-2012-1138
CVE Name CVE-2012-1139
CVE Name CVE-2012-1140
CVE Name CVE-2012-1141
CVE Name CVE-2012-1142
CVE Name CVE-2012-1143
CVE Name CVE-2012-1144
URL http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-21.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-22.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-23.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-24.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-25.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-26.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-28.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-29.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-30.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-32.html
URL http://www.mozilla.org/security/announce/2012/mfsa2012-33.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.