RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-74 through -87 Multiple Vulnerabilities

The Mozilla Foundation has released multiple security advisories specifying vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey.

These vulnerabilities allow attackers to execute arbitrary script or HTML code, steal cookie-based authentication credentials, conduct phishing attacks, execute arbitrary code in the context of the vulnerable application, crash affected applications, obtain potentially sensitive information, gain escalated privileges, bypass security restrictions, and perform unauthorized actions; other attacks may also be possible.

These issues are fixed in:

Firefox 16
Firefox ESR 10.0.8
Thunderbird 16
Thunderbird ESR 10.0.8
SeaMonkey 2.13

This BID is being retired. The following individual records exist to better document the issues:

55922 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3986 Multiple Security Bypass Vulnerabilities
55924 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3982 Memory Corruption Vulnerability
56145 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3983 Memory Corruption Vulnerability
55926 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3985 Security Bypass Vulnerability
55927 Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3989 Denial of Service Vulnerability
55929 Mozilla Firefox CVE-2012-3987 Cross Site Scripting Vulnerability
55930 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3991 Security Bypass Vulnerability
55931 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3988 Use After Free Denial of Service Vulnerability
55932 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3984 Address Bar URI Spoofing Vulnerability
56136 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3995 Remote Code Execution Vulnerability
56140 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4183 Use After Free Memory Corruption Vulnerability
56129 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4179 Use After Free Memory Corruption Vulnerability
56135 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4186 Remote Buffer Overflow Vulnerability
56126 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4180 Buffer Overflow Vulnerability
56123 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4188 Buffer Overflow Vulnerability
56121 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4182 Remote Code Execution Vulnerability
56128 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3992 Security Vulnerability
56131 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-3990 Use After Free Memory Corruption Vulnerability
56130 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4181 Use After Free Memory Corruption Vulnerability
56125 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4187 Heap Memory Corruption Vulnerability
56127 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4185 Buffer Overflow Vulnerability
56120 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-4184 Arbitrary Code Execution Vulnerability
56119 Mozilla Firefox/Thunderbird/Seamonkey CVE-2012-3993 Arbitrary Code Execution Vulnerability
56118 Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-3994 Cross Site Scripting Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus