FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
3.6.*,1	<	firefox	<	3.6.4,1
3.5.*,1	<	firefox	<	3.5.10,1
		linux-firefox-devel	<	3.5.10
2.0.*	<	seamonkey	<	2.0.5
3.0	<=	thunderbird	<	3.0.5

Details

VuXML ID	99858b7c-7ece-11df-a007-000f20797ede
Discovery	2010-06-22
Entry	2010-06-23

Mozilla Project reports:

MFSA 2010-33 User tracking across sites using Math.random()

MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present

MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes

MFSA 2010-30 Integer Overflow in XSLT Node Sorting

MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal

MFSA 2010-28 Freed object reuse across plugin instances

MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots()

MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10)

MFSA 2010-25 Re-use of freed object due to scope confusion

[source]

References

CVE Name	CVE-2008-5913
CVE Name	CVE-2010-0183
CVE Name	CVE-2010-1121
CVE Name	CVE-2010-1125
CVE Name	CVE-2010-1196
CVE Name	CVE-2010-1197
CVE Name	CVE-2010-1198
CVE Name	CVE-2010-1199
CVE Name	CVE-2010-1200
CVE Name	CVE-2010-1201
CVE Name	CVE-2010-1202
CVE Name	CVE-2010-1203
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-25.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-26.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-27.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-28.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-29.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-30.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-31.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-32.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-33.html