FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
3.6.*,1 < firefox < 3.6.9,1
3.5.*,1 < firefox < 3.5.12,1
1.9.2.* < libxul < 1.9.2.9
linux-firefox < 3.6.9,1
linux-firefox-devel < 3.5.12
2.0.* < seamonkey < 2.0.7
3.0 <= thunderbird < 3.0.7
3.1 <= thunderbird < 3.1.3

Details

VuXML ID 4a21ce2c-bb13-11df-8e32-000f20797ede
Discovery 2010-09-07
Entry 2010-09-08
Modified 2010-09-15

The Mozilla Project reports:

MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)

MFSA 2010-50 Frameset integer overflow vulnerability

MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array

MFSA 2010-52 Windows XP DLL loading vulnerability

MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText

MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection

MFSA 2010-55 XUL tree removal crash and remote code execution

MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView

MFSA 2010-57 Crash and remote code execution in normalizeDocument

MFSA 2010-58 Crash on Mac using fuzzed font in data: URL

MFSA 2010-59 SJOW creates scope chains ending in outer object

MFSA 2010-60 XSS using SJOW scripted function

MFSA 2010-61 UTF-7 XSS by overriding document charset using object type attribute

MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS

MFSA 2010-63 Information leak via XMLHttpRequest statusText

References

CVE Name CVE-2010-2760
CVE Name CVE-2010-2762
CVE Name CVE-2010-2763
CVE Name CVE-2010-2764
CVE Name CVE-2010-2765
CVE Name CVE-2010-2766
CVE Name CVE-2010-2767
CVE Name CVE-2010-2768
CVE Name CVE-2010-2769
CVE Name CVE-2010-2770
CVE Name CVE-2010-3131
CVE Name CVE-2010-3166
CVE Name CVE-2010-3167
CVE Name CVE-2010-3168
CVE Name CVE-2010-3169
URL http://www.mozilla.org/security/announce/2010/mfsa2010-49.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-50.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-51.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-52.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-53.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-54.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-55.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-56.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-57.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-58.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-59.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-60.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-61.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-62.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-63.html