FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mozilla -- multiple vulnerabilities

Affected packages
3.6.*,1 < firefox < 3.6.11,1
3.5.*,1 < firefox < 3.5.14,1
1.9.2.* < libxul < 1.9.2.11
linux-firefox < 3.6.11,1
linux-firefox-devel < 3.5.14
2.0.* < seamonkey < 2.0.9
3.0 <= thunderbird < 3.0.9
3.1 <= thunderbird < 3.1.5

Details

VuXML ID c4f067b9-dc4a-11df-8e32-000f20797ede
Discovery 2010-10-19
Entry 2010-10-20

The Mozilla Project reports:

MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)

MFSA 2010-65 Buffer overflow and memory corruption using document.write

MFSA 2010-66 Use-after-free error in nsBarProp

MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter

MFSA 2010-68 XSS in gopher parser when parsing hrefs

MFSA 2010-69 Cross-site information disclosure via modal calls

MFSA 2010-70 SSL wildcard certificate matching IP addresses

MFSA 2010-71 Unsafe library loading vulnerabilities

MFSA 2010-72 Insecure Diffie-Hellman key exchange

References

CVE Name CVE-2010-3170
CVE Name CVE-2010-3173
CVE Name CVE-2010-3174
CVE Name CVE-2010-3175
CVE Name CVE-2010-3176
CVE Name CVE-2010-3177
CVE Name CVE-2010-3178
CVE Name CVE-2010-3179
CVE Name CVE-2010-3180
CVE Name CVE-2010-3181
CVE Name CVE-2010-3182
CVE Name CVE-2010-3183
URL http://www.mozilla.org/security/announce/2010/mfsa2010-64.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-65.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-66.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-67.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-68.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-69.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-70.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-71.html
URL http://www.mozilla.org/security/announce/2010/mfsa2010-72.html