FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
18.0,1 < firefox < 23.0,1
firefox < 17.0.8,1
linux-firefox < 17.0.8,1
linux-seamonkey < 2.20
linux-thunderbird < 17.0.8
seamonkey < 2.20
11.0 < thunderbird < 17.0.8

Details

VuXML ID 0998e79d-0055-11e3-905b-0025905a4771
Discovery 2013-08-06
Entry 2013-08-08

The Mozilla Project reports:

MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)

MFSA 2013-64 Use after free mutating DOM during SetBody

MFSA 2013-65 Buffer underflow when generating CRMF requests

MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater

MFSA 2013-67 Crash during WAV audio file decoding

MFSA 2013-68 Document URI misrepresentation and masquerading

MFSA 2013-69 CRMF requests allow for code execution and XSS attacks

MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes

MFSA 2013-71 Further Privilege escalation through Mozilla Updater

MFSA 2013-72 Wrong principal used for validating URI for some Javascript components

MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest

MFSA 2013-74 Firefox full and stub installer DLL hijacking

MFSA 2013-75 Local Java applets may read contents of local file system

References

CVE Name CVE-2013-1701
CVE Name CVE-2013-1702
CVE Name CVE-2013-1704
CVE Name CVE-2013-1705
CVE Name CVE-2013-1706
CVE Name CVE-2013-1707
CVE Name CVE-2013-1708
CVE Name CVE-2013-1709
CVE Name CVE-2013-1710
CVE Name CVE-2013-1711
CVE Name CVE-2013-1712
CVE Name CVE-2013-1713
CVE Name CVE-2013-1714
CVE Name CVE-2013-1715
CVE Name CVE-2013-1717
URL http://www.mozilla.org/security/known-vulnerabilities/
URL https://www.mozilla.org/security/announce/2013/mfsa2013-63.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-64.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-65.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-66.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-67.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-68.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-69.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-70.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-71.html
URL https://www.mozilla.org/security/announce/2013/mfsa2013-72.html