mozilla -- multiple vulnerabilities

2012-07-1700:00:00

vuxml.freebsd.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.265 Low

EPSS

Percentile

96.7%

JSON

The Mozilla Project reports:

MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/
rv:10.0.6)
MFSA 2012-43 Incorrect URL displayed in addressbar through drag and
drop
MFSA 2012-44 Gecko memory corruption
MFSA 2012-45 Spoofing issue with location
MFSA 2012-46 XSS through data: URLs
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-50 Out of bounds read in QCMS
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-52 JSDependentString::undepend string conversion results
in memory corruption
MFSA 2012-53 Content Security Policy 1.0 implementation errors
cause data leakage
MFSA 2012-54 Clickjacking of certificate warning page
MFSA 2012-55 feed: URLs with an innerURI inherit security context
of page
MFSA 2012-56 Code execution through javascript: URLs

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfirefox< 14.0.1,1UNKNOWN
FreeBSDanynoarchlinux-firefox< 10.0.6,1UNKNOWN
FreeBSDanynoarchlinux-seamonkey< 2.11UNKNOWN
FreeBSDanynoarchlinux-thunderbird< 10.0.6UNKNOWN
FreeBSDanynoarchseamonkey< 2.11UNKNOWN
FreeBSDanynoarchthunderbird< 14.0UNKNOWN
FreeBSDanynoarchlibxul< 10.0.6UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	firefox	< 14.0.1,1	UNKNOWN
FreeBSD	any	noarch	linux-firefox	< 10.0.6,1	UNKNOWN
FreeBSD	any	noarch	linux-seamonkey	< 2.11	UNKNOWN
FreeBSD	any	noarch	linux-thunderbird	< 10.0.6	UNKNOWN
FreeBSD	any	noarch	seamonkey	< 2.11	UNKNOWN
FreeBSD	any	noarch	thunderbird	< 14.0	UNKNOWN
FreeBSD	any	noarch	libxul	< 10.0.6	UNKNOWN