From c9bad984c6b0d07b0b31454d0fb4bfbc21b6ee14 Mon Sep 17 00:00:00 2001 From: delphij Date: Sun, 30 Mar 2008 09:18:33 +0000 Subject: Document mozilla multiple vulnerabilities. Reviewed by: miwi, remko (via IRC) --- security/vuxml/vuln.xml | 68 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) (limited to 'security') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 2b144b104580..3a13af246f4f 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,74 @@ Note: Please add new entries to the beginning of this file. --> + + mozilla -- multiple vulnerabilities + + + firefox + 2.0.0.13,1 + + + linux-firefox + 2.0.0.13 + + + seamonkey + linux-seamonkey + 1.1.9 + + + linux-seamonkey-devel + 0 + + + thunderbird + linux-thunderbird + 0 + + + + +

The Mozilla Foundation reports of multiple security issues + in Firefox, Seamonkey, and Thunderbird. Several of these + issues can probably be used to run arbitrary code with the + privilege of the user running the program.

+
+
MFSA 2008-19 + XUL popup spoofing variant (cross-tab popups)
+
MFSA 2008-18 + Java socket connection to any local port via LiveConnect
+
MFSA 2008-17 + Privacy issue with SSL Client Authentication
+
MFSA 2008-16 + HTTP Referrer spoofing with malformed URLs
+
MFSA 2008-15 + Crashes with evidence of memory corruption (rv:1.8.1.13)
+
MFSA 2008-14 + JavaScript privilege escalation and arbitrary code execution
+
+

+ + + + 28448 + CVE-2008-1241 + CVE-2008-1240 + CVE-2007-4879 + CVE-2008-1238 + CVE-2008-1236 + CVE-2008-1237 + CVE-2008-1233 + CVE-2008-1234 + CVE-2008-1235 + + + 2008-03-26 + 2008-03-30 + + + silc -- pkcs_decode buffer overflow -- cgit