FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
4.0,1	<	firefox	<	10.0,1
3.6.*,1	<=	firefox	<	3.6.26
		linux-firefox	<	10.0,1
		linux-seamonkey	<	2.7
		linux-thunderbird	<	10.0
		seamonkey	<	2.7
4.0	<	thunderbird	<	10.0
3.1.*	<	thunderbird	<	3.1.18

Details

VuXML ID	0a9e2b72-4cb7-11e1-9146-14dae9ebcf89
Discovery	2012-01-31
Entry	2012-02-01
Modified	2012-03-18

The Mozilla Project reports:

MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)

MFSA 2012-02 Overly permissive IPv6 literal syntax

MFSA 2012-03 iframe element exposed across domains via name attribute

MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes

MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks

MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure

MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files

MFSA 2012-08 Crash with malformed embedded XSLT stylesheets

MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission

[source]

References

CVE Name	CVE-2011-3659
CVE Name	CVE-2011-3670
CVE Name	CVE-2012-0442
CVE Name	CVE-2012-0443
CVE Name	CVE-2012-0445
CVE Name	CVE-2012-0446
CVE Name	CVE-2012-0447
CVE Name	CVE-2012-0449
CVE Name	CVE-2012-0450
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-02.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-03.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-05.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
URL	http://www.mozilla.org/security/announce/2012/mfsa2012-09.html