diff options
| author | miwi <miwi@FreeBSD.org> | 2009-12-16 18:44:01 +0800 |
|---|---|---|
| committer | miwi <miwi@FreeBSD.org> | 2009-12-16 18:44:01 +0800 |
| commit | 9aaff6074887c85180a3afa08626e91ee06db2d3 (patch) | |
| tree | 3af2f4fbe9a21ba9a630aaf39eef6b4602d4d038 /security/vuxml | |
| parent | ef06dd99a35ed771b8bdded0e0844ff785a6f263 (diff) | |
| download | freebsd-ports-gnome-9aaff6074887c85180a3afa08626e91ee06db2d3.tar.gz freebsd-ports-gnome-9aaff6074887c85180a3afa08626e91ee06db2d3.tar.zst freebsd-ports-gnome-9aaff6074887c85180a3afa08626e91ee06db2d3.zip | |
- Document mozilla -- multiple vulnerabilities
Diffstat (limited to 'security/vuxml')
| -rw-r--r-- | security/vuxml/vuln.xml | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 84cc3e112d6e..43901dbc60b5 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -35,6 +35,67 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="01c57d20-ea26-11de-bd39-00248c9b4be7"> + <topic>mozilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>firefox</name> + <range><gt>3.5.*,1</gt><lt>3.5.6,1</lt></range> + <range><gt>3.*,1</gt><lt>3.0.16,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>3.0.16,1</lt></range> + </package> + <package> + <name>seamonkey</name> + <name>linux-seamonkey</name> + <range><lt>2.0.1</lt></range> + </package> + + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Mozilla Porject reports:</p> + <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/"> + <p>MFSA 2009-71 GeckoActiveXObject exception messages can be used to + enumerate installed COM objects</p> + <p>MFSA 2009-70 Privilege escalation via chrome window.opener</p> + <p>MFSA 2009-69 Location bar spoofing vulnerabilities</p> + <p>MFSA 2009-68 NTLM reflection vulnerability</p> + <p>MFSA 2009-67 Integer overflow, crash in libtheora video + library</p> + <p>MFSA 2009-66 Memory safety fixes in liboggplay media library</p> + <p>MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ + 1.9.0.16)</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2009-3388</cvename> + <cvename>CVE-2009-3389</cvename> + <cvename>CVE-2009-3979</cvename> + <cvename>CVE-2009-3980</cvename> + <cvename>CVE-2009-3981</cvename> + <cvename>CVE-2009-3982</cvename> + <cvename>CVE-2009-3983</cvename> + <cvename>CVE-2009-3984</cvename> + <cvename>CVE-2009-3985</cvename> + <cvename>CVE-2009-3986</cvename> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-71.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-70.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-69.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-68.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-67.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-66.html</url> + <url>http://www.mozilla.org/security/announce/2009/mfsa2009-65.html</url> + </references> + <dates> + <discovery>2009-12-16</discovery> + <entry>2009-12-16</entry> + </dates> + </vuln> + <vuln vid="1b3f854b-e4bd-11de-b276-000d8787e1be"> <topic>freeradius -- remote packet of death vulnerability</topic> <affects> |