SeaMonkey < 2.17 Multiple Vulnerabilities

Binary data 6735.prm...

Firefox ESR 17.x < 17.0.5 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox ESR 17.x is earlier than 17.0.5 and is, therefore, potentially affected by the following vulnerabilities : - Various memory safety issues exist. CVE-2013-0788 - An out-of-bounds memory read error exists related to 'CERTDecodeCertPackage' and certificate decoding...

Firefox < 20 Multiple Vulnerabilities

The installed version of Firefox is earlier than 20 and is, therefore, potentially affected by the following vulnerabilities : - Various memory safety issues exist. CVE-2013-0788, CVE-2013-0789 - An out-of-bounds memory read error exists related to 'CERTDecodeCertPackage' and certificate decoding...

Mozilla SeaMonkey < 2.17 Multiple Vulnerabilities

Binary data 801224.prm...

CVE-2013-0795

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

Code injection

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

CVE-2013-0795

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

CVE-2013-0795

CVE-2013-0795 affects Mozilla Firefox (before 20.0) and related Mozilla stack (ESR 17.x before 17.0.5, Thunderbird before 17.0.5, SeaMonkey before 2.17). The issue arises from the System Only Wrapper (SOW) allowing a crafted site to clone a protected node via cloneNode, bypassing the Same Origin ...

firefox, xulrunner security update

CentOS Errata and Security Advisory CESA-2013:0696 Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVS...

Scientific Linux Security Update : thunderbird on SL5.x, SL6.x i386/x86_64 (20130402)

Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. CVE-2013-0788 A flaw was found in the way Same Origin Wrappers were implemented in...

CVE-2013-0795

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

CentOS 5 / 6 : firefox / xulrunner (CESA-2013:0696)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

RHEL 6 : firefox (RHSA-2013:0696)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0696 advisory. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found ...

Scientific Linux Security Update : firefox on SL5.x, SL6.x i386/x86_64 (20130402)

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2013-0788 A flaw was found in the way Same Origin Wrappers were...

RHEL 5 / 6 : thunderbird (RHSA-2013:0697)

The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0697 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Maliciou...

Critical: Red Hat Security Advisory: firefox security update

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

Important: Red Hat Security Advisory: thunderbird security update

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

Bypass of SOW protections allows cloning of protected nodes — Mozilla

Security researcher Cody Crews reported a mechanism to use the cloneNode method to bypass System Only Wrappers SOW and clone a protected node. This allows violation of the browser's same origin policy and could also lead to privilege escalation and the execution of arbitrary code...