From f9438802fc6c964346a1cfee8d9d718ef6517d9d Mon Sep 17 00:00:00 2001 From: Beat Gaetzi Date: Wed, 23 Jun 2010 18:01:08 +0000 Subject: - Document mozilla -- multiple vulnerabilities Feature safe: yes Approved by: delphij --- security/vuxml/vuln.xml | 66 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) (limited to 'security/vuxml/vuln.xml') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index aeadbdfddb88..f23a9bd3b4e5 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,72 @@ Note: Please add new entries to the beginning of this file. --> + + mozilla -- multiple vulnerabilities + + + firefox + 3.6.*,13.6.4,1 + 3.5.*,13.5.10,1 + + + linux-firefox-devel + 3.5.10 + + + seamonkey + 2.0.*2.0.5 + + + thunderbird + 3.03.0.5 + + + + +

Mozilla Project reports:

+
+

MFSA 2010-33 User tracking across sites using Math.random()

+

MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present

+

MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes

+

MFSA 2010-30 Integer Overflow in XSLT Node Sorting

+

MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal

+

MFSA 2010-28 Freed object reuse across plugin instances

+

MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots()

+

MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10)

+

MFSA 2010-25 Re-use of freed object due to scope confusion

+
+ + + + CVE-2008-5913 + CVE-2010-0183 + CVE-2010-1121 + CVE-2010-1125 + CVE-2010-1197 + CVE-2010-1199 + CVE-2010-1196 + CVE-2010-1198 + CVE-2010-1200 + CVE-2010-1201 + CVE-2010-1202 + CVE-2010-1203 + http://www.mozilla.org/security/announce/2010/mfsa2010-33.html + http://www.mozilla.org/security/announce/2010/mfsa2010-32.html + http://www.mozilla.org/security/announce/2010/mfsa2010-31.html + http://www.mozilla.org/security/announce/2010/mfsa2010-30.html + http://www.mozilla.org/security/announce/2010/mfsa2010-29.html + http://www.mozilla.org/security/announce/2010/mfsa2010-28.html + http://www.mozilla.org/security/announce/2010/mfsa2010-27.html + http://www.mozilla.org/security/announce/2010/mfsa2010-26.html + http://www.mozilla.org/security/announce/2010/mfsa2010-25.html + + + 2010-06-22 + 2010-06-23 + + + tiff -- Multiple integer overflows -- cgit v1.2.3