mozilla -- multiple vulnerabilities

2013-08-0600:00:00

vuxml.freebsd.org

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

99.0%

JSON

The Mozilla Project reports:

MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 /
rv:17.0.8)
MFSA 2013-64 Use after free mutating DOM during SetBody
MFSA 2013-65 Buffer underflow when generating CRMF requests
MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and
Mozilla Updater
MFSA 2013-67 Crash during WAV audio file decoding
MFSA 2013-68 Document URI misrepresentation and masquerading
MFSA 2013-69 CRMF requests allow for code execution and XSS
attacks
MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes
MFSA 2013-71 Further Privilege escalation through Mozilla Updater
MFSA 2013-72 Wrong principal used for validating URI for some
Javascript components
MFSA 2013-73 Same-origin bypass with web workers and
XMLHttpRequest
MFSA 2013-74 Firefox full and stub installer DLL hijacking
MFSA 2013-75 Local Java applets may read contents of local file
system

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfirefox< 23.0,1UNKNOWN
FreeBSDanynoarchlinux-firefox< 17.0.8,1UNKNOWN
FreeBSDanynoarchlinux-seamonkey< 2.20UNKNOWN
FreeBSDanynoarchlinux-thunderbird< 17.0.8UNKNOWN
FreeBSDanynoarchseamonkey< 2.20UNKNOWN
FreeBSDanynoarchthunderbird< 17.0.8UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	firefox	< 23.0,1	UNKNOWN
FreeBSD	any	noarch	linux-firefox	< 17.0.8,1	UNKNOWN
FreeBSD	any	noarch	linux-seamonkey	< 2.20	UNKNOWN
FreeBSD	any	noarch	linux-thunderbird	< 17.0.8	UNKNOWN
FreeBSD	any	noarch	seamonkey	< 2.20	UNKNOWN
FreeBSD	any	noarch	thunderbird	< 17.0.8	UNKNOWN