FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  321198
Date:      2013-06-18
Time:      15:50:05Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2273879e-8a2f-11dd-a6fe-0030843d3802mozilla -- multiple vulnerabilities

The Mozilla Foundation reports:

MFSA 2008-37

UTF-8 URL stack buffer overflow

MFSA 2008-38

nsXMLDocument::OnChannelRedirect() same-origin violation

MFSA 2008-39

Privilege escalation using feed preview page and XSS flaw

MFSA 2008-40

Forced mouse drag

MFSA 2008-41

Privilege escalation via XPCnativeWrapper pollution

MFSA 2008-42

Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)

MFSA 2008-43

BOM characters stripped from JavaScript before execution

MFSA 2008-44

resource: traversal vulnerabilities

MFSA 2008-45

XBM image uninitialized memory reading


Discovery 2008-09-24
Entry 2008-09-24
Modified 2009-12-12
firefox
lt 2.0.0.17,1

gt 3.*,1 lt 3.0.2,1

linux-firefox
linux-firefox-devel
lt 2.0.0.17

seamonkey
linux-seamonkey
lt 1.1.12

thunderbird
linux-thunderbird
lt 2.0.0.17

flock
linux-flock
lt 2.0

linux-seamonkey-devel
gt 0

CVE-2008-0016
CVE-2008-3835
CVE-2008-3836
CVE-2008-3837
CVE-2008-4058
CVE-2008-4059
CVE-2008-4060
CVE-2008-4061
CVE-2008-4062
CVE-2008-4063
CVE-2008-4064
CVE-2008-4065
CVE-2008-4067
CVE-2008-4068
CVE-2008-4069
http://www.mozilla.org/security/announce/2008/mfsa2008-37.html
http://www.mozilla.org/security/announce/2008/mfsa2008-38.html
http://www.mozilla.org/security/announce/2008/mfsa2008-39.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
http://www.mozilla.org/security/announce/2008/mfsa2008-45.html
67bd39ba-12b5-11dd-bab7-0016179b2dd5firefox -- javascript garbage collector vulnerability

Mozilla Foundation reports:

Fixes for security problems in the JavaScript engine described in MFSA 2008-15 introduced a stability problem, where some users experienced crashes during JavaScript garbage collection. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.


Discovery 2008-04-16
Entry 2008-04-25
Modified 2009-12-12
firefox
lt 2.0.0.14,1

linux-firefox
linux-firefox-devel
lt 2.0.0.14

seamonkey
linux-seamonkey
lt 1.1.10

flock
linux-flock
lt 1.1.2

linux-seamonkey-devel
gt 0

thunderbird
linux-thunderbird
lt 2.0.0.14

CVE-2008-1237
CVE-2008-1380
28818
http://secunia.com/advisories/29787
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
2273879e-8a2f-11dd-a6fe-0030843d3802mozilla -- multiple vulnerabilities

The Mozilla Foundation reports:

MFSA 2008-37

UTF-8 URL stack buffer overflow

MFSA 2008-38

nsXMLDocument::OnChannelRedirect() same-origin violation

MFSA 2008-39

Privilege escalation using feed preview page and XSS flaw

MFSA 2008-40

Forced mouse drag

MFSA 2008-41

Privilege escalation via XPCnativeWrapper pollution

MFSA 2008-42

Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)

MFSA 2008-43

BOM characters stripped from JavaScript before execution

MFSA 2008-44

resource: traversal vulnerabilities

MFSA 2008-45

XBM image uninitialized memory reading


Discovery 2008-09-24
Entry 2008-09-24
Modified 2009-12-12
firefox
lt 2.0.0.17,1

gt 3.*,1 lt 3.0.2,1

linux-firefox
linux-firefox-devel
lt 2.0.0.17

seamonkey
linux-seamonkey
lt 1.1.12

thunderbird
linux-thunderbird
lt 2.0.0.17

flock
linux-flock
lt 2.0

linux-seamonkey-devel
gt 0

CVE-2008-0016
CVE-2008-3835
CVE-2008-3836
CVE-2008-3837
CVE-2008-4058
CVE-2008-4059
CVE-2008-4060
CVE-2008-4061
CVE-2008-4062
CVE-2008-4063
CVE-2008-4064
CVE-2008-4065
CVE-2008-4067
CVE-2008-4068
CVE-2008-4069
http://www.mozilla.org/security/announce/2008/mfsa2008-37.html
http://www.mozilla.org/security/announce/2008/mfsa2008-38.html
http://www.mozilla.org/security/announce/2008/mfsa2008-39.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
http://www.mozilla.org/security/announce/2008/mfsa2008-45.html
67bd39ba-12b5-11dd-bab7-0016179b2dd5firefox -- javascript garbage collector vulnerability

Mozilla Foundation reports:

Fixes for security problems in the JavaScript engine described in MFSA 2008-15 introduced a stability problem, where some users experienced crashes during JavaScript garbage collection. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.


Discovery 2008-04-16
Entry 2008-04-25
Modified 2009-12-12
firefox
lt 2.0.0.14,1

linux-firefox
linux-firefox-devel
lt 2.0.0.14

seamonkey
linux-seamonkey
lt 1.1.10

flock
linux-flock
lt 1.1.2

linux-seamonkey-devel
gt 0

thunderbird
linux-thunderbird
lt 2.0.0.14

CVE-2008-1237
CVE-2008-1380
28818
http://secunia.com/advisories/29787
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html