FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
nspr < 4.10.10
linux-c6-nspr < 4.10.10
3.20 <= nss < 3.20.1
3.19.3 <= nss < 3.19.4
nss < 3.19.2.1
firefox < 42.0,1
linux-firefox < 42.0,1
seamonkey < 2.39
linux-seamonkey < 2.39
firefox-esr < 38.4.0,1
libxul < 38.4.0
thunderbird < 38.4.0
linux-thunderbird < 38.4.0

Details

VuXML ID 9d04936c-75f1-4a2c-9ade-4c1708be5df9
Discovery 2015-11-03
Entry 2015-11-19
Modified 2016-04-13

The Mozilla Project reports:

MFSA 2015-133 NSS and NSPR memory corruption issues

MFSA 2015-132 Mixed content WebSocket policy bypass through workers

MFSA 2015-131 Vulnerabilities found through code inspection

MFSA 2015-130 JavaScript garbage collection crash with Java applet

MFSA 2015-129 Certain escaped characters in host of Location-header are being treated as non-escaped

MFSA 2015-128 Memory corruption in libjar through zip files

MFSA 2015-127 CORS preflight is bypassed when non-standard Content-Type headers are received

MFSA 2015-126 Crash when accessing HTML tables with accessibility tools on OS X

MFSA 2015-125 XSS attack through intents on Firefox for Android

MFSA 2015-124 Android intents can be used on Firefox for Android to open privileged files

MFSA 2015-123 Buffer overflow during image interactions in canvas

MFSA 2015-122 Trailing whitespace in IP address hostnames can bypass same-origin policy

MFSA 2015-121 Disabling scripts in Add-on SDK panels has no effect

MFSA 2015-120 Reading sensitive profile files through local HTML file on Android

MFSA 2015-119 Firefox for Android addressbar can be removed after fullscreen mode

MFSA 2015-118 CSP bypass due to permissive Reader mode whitelist

MFSA 2015-117 Information disclosure through NTLM authentication

MFSA 2015-116 Miscellaneous memory safety hazards (rv:42.0 / rv:38.4)

References

CVE Name CVE-2015-4513
CVE Name CVE-2015-4514
CVE Name CVE-2015-4515
CVE Name CVE-2015-4518
CVE Name CVE-2015-7181
CVE Name CVE-2015-7182
CVE Name CVE-2015-7183
CVE Name CVE-2015-7185
CVE Name CVE-2015-7186
CVE Name CVE-2015-7187
CVE Name CVE-2015-7188
CVE Name CVE-2015-7189
CVE Name CVE-2015-7190
CVE Name CVE-2015-7191
CVE Name CVE-2015-7192
CVE Name CVE-2015-7193
CVE Name CVE-2015-7194
CVE Name CVE-2015-7195
CVE Name CVE-2015-7196
CVE Name CVE-2015-7197
CVE Name CVE-2015-7198
CVE Name CVE-2015-7199
CVE Name CVE-2015-7200
URL https://www.mozilla.org/security/advisories/mfsa2015-116/
URL https://www.mozilla.org/security/advisories/mfsa2015-117/
URL https://www.mozilla.org/security/advisories/mfsa2015-118/
URL https://www.mozilla.org/security/advisories/mfsa2015-119/
URL https://www.mozilla.org/security/advisories/mfsa2015-120/
URL https://www.mozilla.org/security/advisories/mfsa2015-121/
URL https://www.mozilla.org/security/advisories/mfsa2015-122/
URL https://www.mozilla.org/security/advisories/mfsa2015-123/
URL https://www.mozilla.org/security/advisories/mfsa2015-124/
URL https://www.mozilla.org/security/advisories/mfsa2015-125/
URL https://www.mozilla.org/security/advisories/mfsa2015-126/
URL https://www.mozilla.org/security/advisories/mfsa2015-127/
URL https://www.mozilla.org/security/advisories/mfsa2015-128/
URL https://www.mozilla.org/security/advisories/mfsa2015-129/
URL https://www.mozilla.org/security/advisories/mfsa2015-130/
URL https://www.mozilla.org/security/advisories/mfsa2015-131/
URL https://www.mozilla.org/security/advisories/mfsa2015-132/
URL https://www.mozilla.org/security/advisories/mfsa2015-133/