Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2013:1634-1
HistoryNov 07, 2013 - 11:04 a.m.

Mozilla updates 10/2013 (important)

2013-11-0711:04:15
lists.opensuse.org
14

0.105 Low

EPSS

Percentile

94.4%

JSON

Update NSPR to 4.10.1 Update Thunderbird to 24.1.0 (incl.
enigmail 1.6) Update Firefox to 24.1.0esr

Changes in MozillaFirefox:

  • requires NSS 3.15.2 or above
  • MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
    Miscellaneous memory safety hazards
  • MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing
    addressbar through SELECT element
  • MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access
    violation with XSLT and uninitialized data
  • MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly
    initialized memory and overflows in some JavaScript
    functions
  • MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to
    cycle collected object during image decoding
  • MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free
    when updating offline cache
  • MFSA 2013-99/CVE-2013-5598 (bmo#920515) Security bypass
    of PDF.js checks using iframes
  • MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
    (bmo#915210, bmo#915576, bmo#916685) Miscellaneous
    use-after-free issues found through ASAN fuzzing
  • MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory
    corruption in workers
  • MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free
    in HTML document templates

Changes in MozillaThunderbird:

  • requires NSS 3.15.2 or above
  • MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
    Miscellaneous memory safety hazards
  • MFSA 2013-94/CVE-2013-5593 (bmo#868327) Spoofing
    addressbar through SELECT element
  • MFSA 2013-95/CVE-2013-5604 (bmo#914017) Access
    violation with XSLT and uninitialized data
  • MFSA 2013-96/CVE-2013-5595 (bmo#916580) Improperly
    initialized memory and overflows in some JavaScript
    functions
  • MFSA 2013-97/CVE-2013-5596 (bmo#910881) Writing to
    cycle collected object during image decoding
  • MFSA 2013-98/CVE-2013-5597 (bmo#918864) Use-after-free
    when updating offline cache
  • MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
    (bmo#915210, bmo#915576, bmo#916685) Miscellaneous
    use-after-free issues found through ASAN fuzzing
  • MFSA 2013-101/CVE-2013-5602 (bmo#897678) Memory
    corruption in workers
  • MFSA 2013-102/CVE-2013-5603 (bmo#916404) Use-after-free
    in HTML document templates
  • update to Thunderbird 24.0.1
  • fqdn for smtp server name was not accepted (bmo#913785)
  • fixed crash in PL_strncasecmp (bmo#917955)
  • update Enigmail to 1.6
  • The passphrase timeout configuration in Enigmail is now
    read and written from/to gpg-agent.
  • New dialog to change the expiry date of keys
  • New function to search for the OpenPGP keys of all
    Address Book entries on a keyserver
  • removed obsolete enigmail-build.patch

Changes in mozilla-nspr:

  • update to version 4.10.1
  • bmo#888273: RWIN Scaling (RFC1323) limited to 2 on
    Windows 7 and 8 (Windows only)
  • bmo#907512: Unix platforms shouldn’t mask errors
    specific to Unix domain sockets
OSVersionArchitecturePackageVersionFilename
openSUSE11.4i586seamonkey-irc< 2.22-81.1seamonkey-irc-2.22-81.1.i586.rpm
openSUSE11.4i586mozillafirefox-translations-common< 24.1.0-91.1MozillaFirefox-translations-common-24.1.0-91.1.i586.rpm
openSUSE11.4i586mozilla-nspr-debuginfo< 4.10.1-32.1mozilla-nspr-debuginfo-4.10.1-32.1.i586.rpm
openSUSE11.4i586mozillathunderbird-devel< 24.1.0-77.2MozillaThunderbird-devel-24.1.0-77.2.i586.rpm
openSUSE11.4x86_64mozillafirefox-translations-other< 24.1.0-91.1MozillaFirefox-translations-other-24.1.0-91.1.x86_64.rpm
openSUSE11.4x86_64mozilla-nspr-32bit< 4.10.1-32.1mozilla-nspr-32bit-4.10.1-32.1.x86_64.rpm
openSUSE11.4x86_64seamonkey-dom-inspector< 2.22-81.1seamonkey-dom-inspector-2.22-81.1.x86_64.rpm
openSUSE11.4i586mozillafirefox-buildsymbols< 24.1.0-91.1MozillaFirefox-buildsymbols-24.1.0-91.1.i586.rpm
openSUSE11.4i586seamonkey-debugsource< 2.22-81.1seamonkey-debugsource-2.22-81.1.i586.rpm
openSUSE11.4i586mozillafirefox-debuginfo< 24.1.0-91.1MozillaFirefox-debuginfo-24.1.0-91.1.i586.rpm
Rows per page:
1-10 of 601

Related

nessus 36
openvas 54
securityvulns 1
freebsd 1
ubuntu 2
veracode 8
oraclelinux 2
ibm 2
debian 2
redhat 2
centos 2
mageia 3
suse 3
mozilla 10
prion 14
ubuntucve 14
cve 14
gentoo 1
nessus
nessus
openSUSE Security Update : seamonkey (openSUSE-SU-2013:1644-1)
2014-06-13 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)
2013-10-30 00:00:00
FreeBSD : mozilla -- multiple vulnerabilities (81f866ad-41a4-11e3-a4af-0025905a4771)
2013-10-31 00:00:00
openvas
openvas
SuSE Update for Mozilla openSUSE-SU-2013:1634-1 (Mozilla)
2013-11-19 00:00:00
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2013:1634-1)
2013-11-19 00:00:00
Mozilla Firefox Multiple Vulnerabilities - 01 (Nov 2013) - Mac OS X
2013-11-07 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2013-11-05 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2013-10-29 00:00:00
ubuntu
ubuntu
Firefox vulnerabilities
2013-10-29 00:00:00
Thunderbird vulnerabilities
2013-10-31 00:00:00
veracode
veracode
Denial Of Service (DOS)
2019-05-02 04:56:49
Use After Free
2019-05-02 04:56:51
Stack-based Buffer Overflow
2019-05-02 04:56:51
oraclelinux
oraclelinux
firefox security update
2013-10-29 00:00:00
thunderbird security update
2013-10-30 00:00:00
ibm
ibm
Security Bulletin: Mozilla firefox vulnerability issues on IBM Storwize V7000 Unified (CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604)
2018-06-18 00:07:38
Security Bulletin: Mozilla firefox vulnerability issues on SONAS (CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604)
2018-06-18 00:07:42
debian
debian
[SECURITY] [DSA 2788-1] iceweasel security update
2013-10-31 08:03:44
[SECURITY] [DSA 2797-1] icedove security update
2013-11-13 21:44:43
redhat
redhat
(RHSA-2013:1480) Important: thunderbird security update
2013-10-30 00:00:00
(RHSA-2013:1476) Critical: firefox security update
2013-10-29 00:00:00
centos
centos
thunderbird security update
2013-10-30 22:19:56
firefox, xulrunner security update
2013-10-30 04:12:01
mageia
mageia
Updated thunderbird package fixes security vulnerabilities
2013-11-18 18:39:59
Updated firefox & related packages fix multiple security vulnerabilities
2013-11-09 22:55:13
Updated iceape packages fix many vulnerabilities
2013-11-21 00:16:49
suse
suse
Security update for Mozilla Firefox (important)
2013-11-15 03:04:14
Mozilla Suite: Update to October 2013 release (important)
2013-11-07 10:04:11
Firefox update to 31.1esr (important)
2014-09-09 18:04:16
mozilla
mozilla
Miscellaneous use-after-free issues found through ASAN fuzzing — Mozilla
2013-10-29 00:00:00
Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10) — Mozilla
2013-10-29 00:00:00
Spoofing addressbar though SELECT element — Mozilla
2013-10-29 00:00:00
prion
prion
Memory corruption
2013-10-30 10:55:00
Design/Logic Flaw
2013-10-30 10:55:00
Hardcoded credentials
2013-10-30 10:55:00
ubuntucve
ubuntucve
CVE-2013-5592
2013-10-29 00:00:00
CVE-2013-5593
2013-10-29 00:00:00
CVE-2013-5596
2013-10-29 00:00:00
cve
cve
CVE-2013-5593
2013-10-30 10:55:00
CVE-2013-5592
2013-10-30 10:55:00
CVE-2013-5603
2013-10-30 10:55:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00

0.105 Low

EPSS

Percentile

94.4%

JSON
Related for OPENSUSE-SU-2013:1634-1
nessus36openvas54securityvulns1freebsd1ubuntu2veracode8oraclelinux2ibm2debian2redhat2centos2mageia3suse3mozilla10prion14ubuntucve14cve14gentoo1