mozilla -- multiple vulnerabilities

2006-04-13T00:00:00
ID 84630F4A-CD8C-11DA-B7B9-000C6EC775D9
Type freebsd
Reporter FreeBSD
Modified 2006-04-27T00:00:00

Description

A Mozilla Foundation Security Advisory reports of multiple issues. Several of which can be used to run arbitrary code with the privilege of the user running the program.

MFSA 2006-29 Spoofing with translucent windows MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented MFSA 2006-26 Mail Multiple Information Disclosure MFSA 2006-25 Privilege escalation through Print Preview MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest MFSA 2006-23 File stealing by changing input type MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2) MFSA 2006-19 Cross-site scripting using .valueOf.call() MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability MFSA 2006-17 cross-site scripting through window.controllers MFSA 2006-16 Accessing XBL compilation scope via valueOf.call() MFSA 2006-15 Privilege escalation using a JavaScript function's cloned parent MFSA 2006-14 Privilege escalation via XBL.method.eval MFSA 2006-13 Downloading executables with "Save Image As..." MFSA 2006-12 Secure-site spoof (requires security warning dialog) MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.8) MFSA 2006-10 JavaScript garbage-collection hazard audit MFSA 2006-09 Cross-site JavaScript injection using event handlers