RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-88/89 Multiple Vulnerabilities

The Mozilla Foundation has released two security advisories specifying vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey.

These vulnerabilities allow attackers to bypass the same-origin policy and certain access restrictions to access data or execute arbitrary script code in the browser of an unsuspecting user in the context of another site and crash affected applications; other attacks may also be possible.

These issues are fixed in:

Firefox 16.0.1
Firefox ESR 10.0.9
Thunderbird 16.0.1
Thunderbird ESR 10.0.9
SeaMonkey 2.13.1

This BID is being retired. The following individual records exist to better document the issues:

56151 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4190 Memory Corruption Vulnerability
56153 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4191 Memory Corruption Vulnerability
56154 Mozilla Firefox/Thunderbird/SeaMonkey Cross Domain Information Disclosure Vulnerability
56155 Mozilla Firefox/Thunderbird/SeaMonkey 'defaultValue()' Security Bypass Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus