RETIRED: Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2012-91 through -106 Multiple Vulnerabilities

The Mozilla Foundation has released multiple security advisories specifying vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey.

These vulnerabilities allow attackers to execute arbitrary script or HTML code, steal cookie-based authentication credentials, execute arbitrary code in the context of the vulnerable application, crash affected applications, obtain potentially sensitive information, gain escalated privileges, bypass security restrictions, and perform unauthorized actions; other attacks may also be possible.

These issues are fixed in:

Firefox 17.0
Firefox ESR 10.0.11
Thunderbird 17.0
Thunderbird ESR 10.0.11
SeaMonkey 2.14

This BID is being retired. The following individual records exist to better document the issues:

56614 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4202 Buffer Overflow Vulnerability
56612 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5843 Multiple Memory Corruption Vulnerabilities
56611 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5842 Multiple Memory Corruption Vulnerabilities
56616 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5836 Denial of Service Vulnerability
56613 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4204 Memory Corruption Vulnerability
56618 Mozilla Firefox, SeaMonkey, and Thunderbird CVE-2012-4201 Cross Site Scripting Vulnerability
56621 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability
56623 Mozilla Firefox CVE-2012-4203 Privilege Escalation Vulnerability
56625 Mozilla Firefox CVE-2012-4206 Arbitrary Code Execution Vulnerability
56629 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4209 Cross Site Scripting Vulnerability
56628 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4214 Use After Free Memory Corruption Vulnerability
56633 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4215 Use After Free Memory Corruption Vulnerability
56634 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4216 Use After Free Memory Corruption Vulnerability
56635 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5840 Use After Free Memory Corruption Vulnerability
56636 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5829 Heap Buffer Overflow Vulnerability
56637 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5839 Heap Buffer Overflow Vulnerability
56630 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4212 Use After Free Memory Corruption Vulnerability
56638 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4213 Use After Free Memory Corruption Vulnerability
56639 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4217 Use After Free Memory Corruption Vulnerability
56640 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4218 Use After Free Memory Corruption Vulnerability
56641 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5830 Use After Free Memory Corruption Vulnerability
56642 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5833 Memory Corruption Vulnerability
56643 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5835 Integer Overflow Vulnerability
56644 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-5838 Memory Corruption Vulnerability
56627 Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4208 Security Bypass Vulnerability
56631 Mozilla Firefox/SeaMonkey/Thunderbird CVE-2012-5841 Cross Site Scripting Vulnerability
56632 Mozilla Firefox, SeaMonkey, and Thunderbird HZ-GB-2312 Cross Site Scripting Vulnerability
56645 Mozilla Firefox CVE-2012-5837 Developer Toolbar Cross Site Scripting Vulnerability
56646 Mozilla Firefox CVE-2012-4210 Style Inspector Remote Code Execution Vulnerability


 

Privacy Statement
Copyright 2010, SecurityFocus