Mozilla multiple cross origin wrapper bypasses

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

CVE-2009-2472

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1091)

Mozilla Thunderbird was updated to the 2.0.0.22 security release. It fixes various bugs and security issues : - MFSA-2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304 CVE-2009-1305 Crashes with evidence of memory corruption rv:1.9.0.9 - MFSA 2009-17/CVE-2009-1307 bmo481342 Same-origin violations...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-1091)

Mozilla Thunderbird was updated to the 2.0.0.22 security release. It fixes various bugs and security issues : - MFSA-2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304 CVE-2009-1305 Crashes with evidence of memory corruption rv:1.9.0.9 - MFSA 2009-17/CVE-2009-1307 bmo481342 Same-origin violations...

openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-382)

The Mozilla XULRunner engine was updated to version 1.9.0.5. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the same-origin...

openSUSE Security Update : seamonkey (seamonkey-326)

This update brings the Mozilla SeaMonkey browser to version 1.1.13. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-401)

The Mozilla Thunderbird E-Mail client was updated to version 2.0.0.19. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-381)

The Mozilla Firefox browser was updated to version 3.0.5, fixing various security issues and stability problems. The following security issues were fixed : MFSA 2008-69 / CVE-2008-5513: Mozilla security researcher mozbugra4 reported vulnerabilities in the session-restore feature by which content...

openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-383)

The Mozilla XULRunner 1.8.1 engine received backports for security problems in 1.9.0.5. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used t...

openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-383)

The Mozilla XULRunner 1.8.1 engine received backports for security problems in 1.9.0.5. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used t...

openSUSE Security Update : seamonkey (seamonkey-380)

The Mozilla SeaMonkey browser suite was updated to version 1.1.14. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-509)

The Mozilla Firefox browser is updated to version 3.0.6 fixing various security and stability issues. MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-236)

This update brings Mozilla Thunderbird to version 2.0.0.17. It contains the following security fixes: MFSA 2008-46 / CVE-2008-4070: Heap overflow when canceling a newsgroup message MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters...

openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-237)

This update brings mozilla-xulrunner181 to security fix version 1.8.1.17. It contains the following security fixes: MFSA 2008-45 / CVE-2008-4069: XBM image uninitialized memory reading MFSA 2008-44 / CVE-2008-4067 / CVE-2008-4068: resource: traversal vulnerabilities MFSA 2008-43: BOM characters...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-381)

The Mozilla Firefox browser was updated to version 3.0.5, fixing various security issues and stability problems. The following security issues were fixed : MFSA 2008-69 / CVE-2008-5513: Mozilla security researcher mozbugra4 reported vulnerabilities in the session-restore feature by which content...

openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-382)

The Mozilla XULRunner engine was updated to version 1.9.0.5. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the same-origin...

openSUSE Security Update : mozilla-xulrunner181 (mozilla-xulrunner181-329)

This update backports security fixes to the Mozilla XULRunner engine. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54: The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...

openSUSE Security Update : seamonkey (seamonkey-380)

The Mozilla SeaMonkey browser suite was updated to version 1.1.14. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-401)

The Mozilla Thunderbird E-Mail client was updated to version 2.0.0.19. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the...

openSUSE Security Update : seamonkey (seamonkey-193)

SeaMonkey was updated to version 1.1.11. Problems fixed in the 1.1.11 update: CVE-2008-2785 MFSA 2008-34: An anonymous researcher, via TippingPoint's Zero Day Initiative program, reported a vulnerability in Mozilla's internal CSSValue array data structure. The vulnerability was caused by an...