FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 3.*,1
3.*,1 < firefox < 3.0.13,1
3.5.*,1 < firefox < 3.5.2,1
linux-firefox < 3.*,1
3.*,1 < linux-firefox < 3.0.13,1
3.5.*,1 < linux-firefox < 3.5.2,1
linux-firefox-devel < 3.5.2
linux-seamonkey < 1.1.18
seamonkey < 1.1.18
0 < linux-seamonkey-devel
linux-thunderbird < 2.0.0.23
thunderbird < 2.0.0.23

Details

VuXML ID 49e8f2ee-8147-11de-a994-0030843d3802
Discovery 2009-08-03
Entry 2009-08-04
Modified 2009-09-04

Mozilla Project reports:

MFSA 2009-38: Data corruption with SOCKS5 reply containing DNS name longer than 15 characters

MFSA 2009-42: Compromise of SSL-protected communication

MFSA 2009-43: Heap overflow in certificate regexp parsing

MFSA 2009-44: Location bar and SSL indicator spoofing via window.open() on invalid URL

MFSA 2009-45: Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13)

MFSA 2009-46: Chrome privilege escalation due to incorrectly cached wrapper

[source]

References

CVE Name CVE-2009-2404
CVE Name CVE-2009-2408
CVE Name CVE-2009-2454
CVE Name CVE-2009-2470
URL http://www.mozilla.org/security/announce/2009/mfsa2009-38.html
URL http://www.mozilla.org/security/announce/2009/mfsa2009-42.html
URL http://www.mozilla.org/security/announce/2009/mfsa2009-43.html
URL http://www.mozilla.org/security/announce/2009/mfsa2009-44.html
URL http://www.mozilla.org/security/announce/2009/mfsa2009-45.html
URL http://www.mozilla.org/security/announce/2009/mfsa2009-46.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.