RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2010-34 Through -47 Multiple Vulnerabilities

The Mozilla Foundation has released 14 security advisories specifying vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey.

These vulnerabilities allow attackers to execute arbitrary machine code in the context of the vulnerable application, crash affected applications, elevate privileges, and disclose potentially sensitive information; other attacks may also be possible.

These issues are fixed in:

Firefox 3.6.7
Firefox 3.5.11
Thunderbird 3.0.6
Thunderbird 3.1.1
SeaMonkey 2.0.6

This BID is being retired. The following individual records exist to better document the issues:

41842 Mozilla Firefox and SeaMonkey Plugin Parameters Buffer Overflow Vulnerability
41845 Mozilla Firefox and SeaMonkey 'NodeIterator' Use-After-Free Remote Code Execution Vulnerability
41849 Mozilla Firefox and SeaMonkey DOM Cloning Remote Code Execution Vulnerability
41852 Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
41853 Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
41859 Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1211 Remote Memory Corruption Vulnerability
41860 Multiple Mozilla Products Script Filename Cross Domain Information Disclosure Vulnerability
41865 Mozilla Firefox, Thunderbird, and SeaMonkey CVE-2010-1212 Remote Memory Corruption Vulnerability
41866 Mozilla Firefox and Thunderbird Character Mapping Security Weakness
41868 Mozilla Firefox and Thunderbird 'SJOW' Privilege Escalation Vulnerability
41871 Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
41872 Multiple Mozilla Products CSS Selectors Cross Domain Information Disclosure Vulnerability
41878 Mozilla Firefox and Thunderbird Canvas Element Cross Domain Information Disclosure Vulnerability
41968 Mozilla Firefox and Sea Monkey Location Bar Spoofing Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus