FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
firefox < 36.0,1
firefox-esr < 31.5.0,1
linux-firefox < 36.0,1
linux-seamonkey < 2.33
linux-thunderbird < 31.5.0
seamonkey < 2.33
thunderbird < 31.5.0
libxul < 31.5.0

Details

VuXML ID 99029172-8253-407d-9d8b-2cfeab9abf81
Discovery 2015-02-24
Entry 2015-02-27

The Mozilla Project reports:

MFSA-2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5)

MFSA-2015-12 Invoking Mozilla updater will load locally stored DLL files

MFSA-2015-13 Appended period to hostnames can bypass HPKP and HSTS protections

MFSA-2015-14 Malicious WebGL content crash when writing strings

MFSA-2015-15 TLS TURN and STUN connections silently fail to simple TCP connections

MFSA-2015-16 Use-after-free in IndexedDB

MFSA-2015-17 Buffer overflow in libstagefright during MP4 video playback

MFSA-2015-18 Double-free when using non-default memory allocators with a zero-length XHR

MFSA-2015-19 Out-of-bounds read and write while rendering SVG content

MFSA-2015-20 Buffer overflow during CSS restyling

MFSA-2015-21 Buffer underflow during MP3 playback

MFSA-2015-22 Crash using DrawTarget in Cairo graphics library

MFSA-2015-23 Use-after-free in Developer Console date with OpenType Sanitiser

MFSA-2015-24 Reading of local files through manipulation of form autocomplete

MFSA-2015-25 Local files or privileged URLs in pages can be opened into new tabs

MFSA-2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs

MFSA-2015-27 Caja Compiler JavaScript sandbox bypass

References

CVE Name CVE-2015-0819
CVE Name CVE-2015-0820
CVE Name CVE-2015-0821
CVE Name CVE-2015-0822
CVE Name CVE-2015-0823
CVE Name CVE-2015-0824
CVE Name CVE-2015-0825
CVE Name CVE-2015-0826
CVE Name CVE-2015-0827
CVE Name CVE-2015-0828
CVE Name CVE-2015-0829
CVE Name CVE-2015-0830
CVE Name CVE-2015-0831
CVE Name CVE-2015-0832
CVE Name CVE-2015-0833
CVE Name CVE-2015-0834
CVE Name CVE-2015-0835
CVE Name CVE-2015-0836
URL https://www.mozilla.org/security/advisories/
URL https://www.mozilla.org/security/advisories/mfsa2015-11/
URL https://www.mozilla.org/security/advisories/mfsa2015-12/
URL https://www.mozilla.org/security/advisories/mfsa2015-13/
URL https://www.mozilla.org/security/advisories/mfsa2015-14/
URL https://www.mozilla.org/security/advisories/mfsa2015-15/
URL https://www.mozilla.org/security/advisories/mfsa2015-16/
URL https://www.mozilla.org/security/advisories/mfsa2015-17/
URL https://www.mozilla.org/security/advisories/mfsa2015-18/
URL https://www.mozilla.org/security/advisories/mfsa2015-19/
URL https://www.mozilla.org/security/advisories/mfsa2015-20/
URL https://www.mozilla.org/security/advisories/mfsa2015-21/
URL https://www.mozilla.org/security/advisories/mfsa2015-22/
URL https://www.mozilla.org/security/advisories/mfsa2015-23/
URL https://www.mozilla.org/security/advisories/mfsa2015-24/
URL https://www.mozilla.org/security/advisories/mfsa2015-25/
URL https://www.mozilla.org/security/advisories/mfsa2015-26/
URL https://www.mozilla.org/security/advisories/mfsa2015-27/