FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Mozilla -- multiple vulnerabilities

Affected packages
firefox < 48.0,1
linux-seamonkey < 2.45
seamonkey < 2.45
firefox-esr < 45.3.0,1
linux-firefox < 45.3.0,2
libxul < 45.3.0
linux-thunderbird < 45.3.0
thunderbird < 45.3.0

Details

VuXML ID aa1aefe3-6e37-47db-bfda-343ef4acb1b5
Discovery 2016-08-02
Entry 2016-09-07
Modified 2016-09-20

Mozilla Foundation reports:

MFSA2016-84 Information disclosure through Resource Timing API \ during page navigation

MFSA2016-83 Spoofing attack through text injection into \ internal error pages

MFSA2016-82 Addressbar spoofing with right-to-left characters \ on Firefox for Android

MFSA2016-81 Information disclosure and local file \ manipulation through drag and drop

MFSA2016-80 Same-origin policy violation using local HTML file and saved shortcut file

MFSA2016-79 Use-after-free when applying SVG effects

MFSA2016-78 Type confusion in display transformation

MFSA2016-77 Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback

MFSA2016-76 Scripts on marquee tag can execute in sandboxed iframes

MFSA2016-75 Integer overflow in WebSockets during data \ buffering

MFSA2016-74 Form input type change from password to text \ can store plain text password in session restore file

MFSA2016-73 Use-after-free in service workers with nested sync events

MFSA2016-72 Use-after-free in DTLS during WebRTC session shutdown

MFSA2016-71 Crash in incremental garbage collection in \ JavaScript

MFSA2016-70 Use-after-free when using alt key and toplevel menus

MFSA2016-69 Arbitrary file manipulation by local user through \ Mozilla updater and callback application path parameter

MFSA2016-68 Out-of-bounds read during XML parsing in \ Expat library

MFSA2016-67 Stack underflow during 2D graphics rendering

MFSA2016-66 Location bar spoofing via data URLs with \ malformed/invalid mediatypes

MFSA2016-65 Cairo rendering crash due to memory allocation issue with FFmpeg 0.10

MFSA2016-64 Buffer overflow rendering SVG with bidirectional content

MFSA2016-63 Favicon network connection can persist when page is closed

MFSA2016-62 Miscellaneous memory safety hazards (rv:48.0 / rv:45.3)

References

CVE Name CVE-2016-0718
CVE Name CVE-2016-2830
CVE Name CVE-2016-2835
CVE Name CVE-2016-2836
CVE Name CVE-2016-2837
CVE Name CVE-2016-2838
CVE Name CVE-2016-2839
CVE Name CVE-2016-5250
CVE Name CVE-2016-5251
CVE Name CVE-2016-5252
CVE Name CVE-2016-5253
CVE Name CVE-2016-5254
CVE Name CVE-2016-5255
CVE Name CVE-2016-5258
CVE Name CVE-2016-5259
CVE Name CVE-2016-5260
CVE Name CVE-2016-5261
CVE Name CVE-2016-5262
CVE Name CVE-2016-5263
CVE Name CVE-2016-5264
CVE Name CVE-2016-5265
CVE Name CVE-2016-5266
CVE Name CVE-2016-5267
CVE Name CVE-2016-5268
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-62/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-63/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-64/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-65/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-66/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-67/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-68/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-69/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-70/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-71/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-72/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-73/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-74/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-75/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-76/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-77/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-78/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-79/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-80/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-81/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-82/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-83/
URL https://www.mozilla.org/en-US/security/advisories/mfsa2016-84/