FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 46.0,1
linux-firefox < 46.0,1
linux-seamonkey < 2.43
seamonkey < 2.43
39.0,1 <= firefox-esr < 45.1.0,1
firefox-esr < 38.8.0,1
39.0 <= libxul < 45.1.0
libxul < 38.8.0
39.0 <= linux-thunderbird < 45.1.0
linux-thunderbird < 38.8.0
39.0 <= thunderbird < 45.1.0
thunderbird < 38.8.0

Details

VuXML ID 92d44f83-a7bf-41cf-91ee-3d1b8ecf579f
Discovery 2016-04-26
Entry 2016-04-26

Mozilla Foundation reports:

MFSA 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)

MFSA 2016-42 Use-after-free and buffer overflow in Service Workers

MFSA 2016-44 Buffer overflow in libstagefright with CENC offsets

MFSA 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace

MFSA 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions

MFSA 2016-47 Write to invalid HashMap entry through JavaScript.watch()

MFSA 2016-48 Firefox Health Reports could accept events from untrusted domains

[source]

References

CVE Name CVE-2016-2804
CVE Name CVE-2016-2805
CVE Name CVE-2016-2806
CVE Name CVE-2016-2807
CVE Name CVE-2016-2808
CVE Name CVE-2016-2811
CVE Name CVE-2016-2812
CVE Name CVE-2016-2814
CVE Name CVE-2016-2816
CVE Name CVE-2016-2817
CVE Name CVE-2016-2820
URL https://www.mozilla.org/security/advisories/mfsa2016-39/
URL https://www.mozilla.org/security/advisories/mfsa2016-42/
URL https://www.mozilla.org/security/advisories/mfsa2016-44/
URL https://www.mozilla.org/security/advisories/mfsa2016-45/
URL https://www.mozilla.org/security/advisories/mfsa2016-46/
URL https://www.mozilla.org/security/advisories/mfsa2016-47/
URL https://www.mozilla.org/security/advisories/mfsa2016-48/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.