FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
2.0	<	seamonkey	<	2.0.4
3.0	<=	thunderbird	<	3.0.4
3.5.*,1	<	firefox	<	3.5.9,1
3.*,1	<	firefox	<	3.0.19,1
		linux-firefox	<	3.0.19,1
		linux-firefox-devel	<	3.5.9
		linux-f10-nss	<	3.12.5
		nss	<	3.12.5

Details

VuXML ID	9ccfee39-3c3b-11df-9edc-000f20797ede
Discovery	2010-03-30
Entry	2010-03-30

Mozilla Project reports:

MFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy

MFSA 2010-23 Image src redirect to mailto: URL opens email editor

MFSA 2010-22 Update NSS to support TLS renegotiation indication

MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy

MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop

MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray

MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView

MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection

MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)

[source]

References

CVE Name	CVE-2009-3555
CVE Name	CVE-2010-0173
CVE Name	CVE-2010-0174
CVE Name	CVE-2010-0175
CVE Name	CVE-2010-0176
CVE Name	CVE-2010-0177
CVE Name	CVE-2010-0178
CVE Name	CVE-2010-0179
CVE Name	CVE-2010-0181
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-16.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-17.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-18.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-19.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-20.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-21.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-23.html
URL	http://www.mozilla.org/security/announce/2010/mfsa2010-24.html