Lucene search

K
freebsdFreeBSD6E5A9AFD-12D3-11E2-B47D-C8600054B392
HistoryOct 09, 2012 - 12:00 a.m.

mozilla -- multiple vulnerabilities

2012-10-0900:00:00
vuxml.freebsd.org
26

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.713

Percentile

98.1%

The Mozilla Project reports:

MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/
rv:10.0.8)
MFSA 2012-75 select element persistance allows for attacks
MFSA 2012-76 Continued access to initial origin after setting
document.domain
MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
MFSA 2012-78 Reader Mode pages have chrome privileges
MFSA 2012-79 DOS and crash with full screen and history navigation
MFSA 2012-80 Crash with invalid cast when using instanceof
operator
MFSA 2012-81 GetProperty function can bypass security checks
MFSA 2012-82 top object and location property accessible by
plugins
MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces
to privileged functions or properties
MFSA 2012-84 Spoofing and script injection through location.hash
MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds
read issues found using Address Sanitizer
MFSA 2012-86 Heap memory corruption issues found using Address
Sanitizer
MFSA 2012-87 Use-after-free in the IME State Manager
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
MFSA 2012-89 defaultValue security checks not applied

References

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.713

Percentile

98.1%