FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351938
Date:      2014-04-23
Time:      13:36:36Z
Committer: lwhsu

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
7dfed67b-20aa-11e3-b8d8-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)

MFSA 2013-77 Improper state in HTML5 Tree Builder with templates

MFSA 2013-78 Integer overflow in ANGLE library

MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning

MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed

MFSA 2013-81 Use-after-free with select element

MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption

MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification

MFSA 2013-84 Same-origin bypass through symbolic links

MFSA 2013-85 Uninitialized data in IonMonkey

MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers

MFSA 2013-87 Shared object library loading from writable location

MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes

MFSA 2013-89 Buffer overflow with multi-column, lists, and floats

MFSA 2013-90 Memory corruption involving scrolling

MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object

MFSA 2013-92 GC hazard with default compartments and frame chain restoration


Discovery 2013-08-17
Entry 2013-08-18
Modified 2013-09-19
firefox
gt 18.0,1 lt 24.0,1

lt 17.0.9,1

linux-firefox
lt 17.0.9,1

linux-seamonkey
lt 2.21

linux-thunderbird
lt 17.0.9

seamonkey
lt 2.21

thunderbird
lt 24.0

CVE-2013-1718
CVE-2013-1719
CVE-2013-1720
CVE-2013-1721
CVE-2013-1722
CVE-2013-1723
CVE-2013-1724
CVE-2013-1725
CVE-2013-1726
CVE-2013-1727
CVE-2013-1728
CVE-2013-1729
CVE-2013-1730
CVE-2013-1731
CVE-2013-1732
CVE-2013-1735
CVE-2013-1736
CVE-2013-1737
CVE-2013-1738
https://www.mozilla.org/security/announce/2013/mfsa2013-76.html
https://www.mozilla.org/security/announce/2013/mfsa2013-77.html
https://www.mozilla.org/security/announce/2013/mfsa2013-78.html
https://www.mozilla.org/security/announce/2013/mfsa2013-79.html
https://www.mozilla.org/security/announce/2013/mfsa2013-80.html
https://www.mozilla.org/security/announce/2013/mfsa2013-81.html
https://www.mozilla.org/security/announce/2013/mfsa2013-82.html
https://www.mozilla.org/security/announce/2013/mfsa2013-83.html
https://www.mozilla.org/security/announce/2013/mfsa2013-84.html
https://www.mozilla.org/security/announce/2013/mfsa2013-85.html
https://www.mozilla.org/security/announce/2013/mfsa2013-86.html
https://www.mozilla.org/security/announce/2013/mfsa2013-87.html
https://www.mozilla.org/security/announce/2013/mfsa2013-88.html
https://www.mozilla.org/security/announce/2013/mfsa2013-89.html
https://www.mozilla.org/security/announce/2013/mfsa2013-90.html
https://www.mozilla.org/security/announce/2013/mfsa2013-91.html
https://www.mozilla.org/security/announce/2013/mfsa2013-92.html
http://www.mozilla.org/security/known-vulnerabilities/
dd116b19-64b3-11e3-868f-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-116 JPEG information leak

MFSA 2013-105 Application Installation doorhanger persists on navigation

MFSA 2013-106 Character encoding cross-origin XSS attack

MFSA 2013-107 Sandbox restrictions not applied to nested object elements

MFSA 2013-108 Use-after-free in event listeners

MFSA 2013-109 Use-after-free during Table Editing

MFSA 2013-110 Potential overflow in JavaScript binary search algorithms

MFSA 2013-111 Segmentation violation when replacing ordered list elements

MFSA 2013-112 Linux clipboard information disclosure though selection paste

MFSA 2013-113 Trust settings for built-in roots ignored during EV certificate validation

MFSA 2013-114 Use-after-free in synthetic mouse movement

MFSA 2013-115 GetElementIC typed array stubs can be generated outside observed typesets

MFSA 2013-116 JPEG information leak

MFSA 2013-117 Mis-issued ANSSI/DCSSI certificate


Discovery 2013-12-09
Entry 2013-12-14
firefox
gt 25.0,1 lt 26.0,1

lt 24.2.0,1

linux-firefox
lt 26.0,1

linux-seamonkey
lt 2.23

linux-thunderbird
lt 24.2.0

seamonkey
lt 2.23

thunderbird
lt 24.2.0

CVE-2013-5619
CVE-2013-6629
CVE-2013-5615
CVE-2013-5616
CVE-2013-5618
CVE-2013-5609
CVE-2013-5610
CVE-2013-5611
CVE-2013-5612
CVE-2013-5613
CVE-2013-5614
CVE-2013-6630
CVE-2013-6671
CVE-2013-6672
CVE-2013-6673
https://www.mozilla.org/security/announce/2013/mfsa2013-104.html
https://www.mozilla.org/security/announce/2013/mfsa2013-105.html
https://www.mozilla.org/security/announce/2013/mfsa2013-106.html
https://www.mozilla.org/security/announce/2013/mfsa2013-107.html
https://www.mozilla.org/security/announce/2013/mfsa2013-108.html
https://www.mozilla.org/security/announce/2013/mfsa2013-109.html
https://www.mozilla.org/security/announce/2013/mfsa2013-110.html
https://www.mozilla.org/security/announce/2013/mfsa2013-111.html
https://www.mozilla.org/security/announce/2013/mfsa2013-112.html
https://www.mozilla.org/security/announce/2013/mfsa2013-113.html
https://www.mozilla.org/security/announce/2013/mfsa2013-114.html
https://www.mozilla.org/security/announce/2013/mfsa2013-115.html
https://www.mozilla.org/security/announce/2013/mfsa2013-116.html
https://www.mozilla.org/security/announce/2013/mfsa2013-117.html
http://www.mozilla.org/security/known-vulnerabilities/
b3fcb387-de4b-11e2-b1c6-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)

Title: Memory corruption found using Address Sanitizer

Privileged content access and execution via XBL

Arbitrary code execution within Profiler

Execution of unmapped memory through onreadystatechange

Data in the body of XHR HEAD requests leads to CSRF attacks

SVG filters can lead to information disclosure

PreserveWrapper has inconsistent behavior

Sandbox restrictions not applied to nested frame elements

X-Frame-Options ignored when using server push with multi-part responses

XrayWrappers can be bypassed to run user defined methods in a privileged context

getUserMedia permission dialog incorrectly displays location

Homograph domain spoofing in .com, .net and .name

Inaccessible updater can lead to local privilege escalation


Discovery 2013-06-25
Entry 2013-06-26
firefox
gt 18.0,1 lt 22.0,1

lt 17.0.7,1

linux-firefox
lt 17.0.7,1

linux-seamonkey
lt 2.19

linux-thunderbird
lt 17.0.7

seamonkey
lt 2.19

thunderbird
gt 11.0 lt 17.0.7

CVE-2013-1682
CVE-2013-1683
CVE-2013-1684
CVE-2013-1685
CVE-2013-1686
CVE-2013-1687
CVE-2013-1688
CVE-2013-1690
CVE-2013-1692
CVE-2013-1693
CVE-2013-1694
CVE-2013-1695
CVE-2013-1696
CVE-2013-1697
CVE-2013-1698
CVE-2013-1699
CVE-2013-1700
http://www.mozilla.org/security/announce/2013/mfsa2013-49.html
http://www.mozilla.org/security/announce/2013/mfsa2013-50.html
http://www.mozilla.org/security/announce/2013/mfsa2013-51.html
http://www.mozilla.org/security/announce/2013/mfsa2013-52.html
http://www.mozilla.org/security/announce/2013/mfsa2013-53.html
http://www.mozilla.org/security/announce/2013/mfsa2013-54.html
http://www.mozilla.org/security/announce/2013/mfsa2013-55.html
http://www.mozilla.org/security/announce/2013/mfsa2013-56.html
http://www.mozilla.org/security/announce/2013/mfsa2013-57.html
http://www.mozilla.org/security/announce/2013/mfsa2013-58.html
http://www.mozilla.org/security/announce/2013/mfsa2013-59.html
http://www.mozilla.org/security/announce/2013/mfsa2013-60.html
http://www.mozilla.org/security/announce/2013/mfsa2013-61.html
http://www.mozilla.org/security/announce/2013/mfsa2013-62.html
http://www.mozilla.org/security/known-vulnerabilities/
0998e79d-0055-11e3-905b-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)

MFSA 2013-64 Use after free mutating DOM during SetBody

MFSA 2013-65 Buffer underflow when generating CRMF requests

MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater

MFSA 2013-67 Crash during WAV audio file decoding

MFSA 2013-68 Document URI misrepresentation and masquerading

MFSA 2013-69 CRMF requests allow for code execution and XSS attacks

MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes

MFSA 2013-71 Further Privilege escalation through Mozilla Updater

MFSA 2013-72 Wrong principal used for validating URI for some Javascript components

MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest

MFSA 2013-74 Firefox full and stub installer DLL hijacking

MFSA 2013-75 Local Java applets may read contents of local file system


Discovery 2013-08-06
Entry 2013-08-08
firefox
gt 18.0,1 lt 23.0,1

lt 17.0.8,1

linux-firefox
lt 17.0.8,1

linux-seamonkey
lt 2.20

linux-thunderbird
lt 17.0.8

seamonkey
lt 2.20

thunderbird
gt 11.0 lt 17.0.8

CVE-2013-1701
CVE-2013-1702
CVE-2013-1704
CVE-2013-1705
CVE-2013-1706
CVE-2013-1707
CVE-2013-1708
CVE-2013-1709
CVE-2013-1710
CVE-2013-1711
CVE-2013-1712
CVE-2013-1713
CVE-2013-1714
CVE-2013-1715
CVE-2013-1717
https://www.mozilla.org/security/announce/2013/mfsa2013-63.html
https://www.mozilla.org/security/announce/2013/mfsa2013-64.html
https://www.mozilla.org/security/announce/2013/mfsa2013-65.html
https://www.mozilla.org/security/announce/2013/mfsa2013-66.html
https://www.mozilla.org/security/announce/2013/mfsa2013-67.html
https://www.mozilla.org/security/announce/2013/mfsa2013-68.html
https://www.mozilla.org/security/announce/2013/mfsa2013-69.html
https://www.mozilla.org/security/announce/2013/mfsa2013-70.html
https://www.mozilla.org/security/announce/2013/mfsa2013-71.html
https://www.mozilla.org/security/announce/2013/mfsa2013-72.html
http://www.mozilla.org/security/known-vulnerabilities/
81f866ad-41a4-11e3-a4af-0025905a4771mozilla -- multiple vulnerabilities

The Mozilla Project reports:

MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)

MFSA 2013-94 Spoofing addressbar though SELECT element

MFSA 2013-95 Access violation with XSLT and uninitialized data

MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions

MFSA 2013-97 Writing to cycle collected object during image decoding

MFSA 2013-98 Use-after-free when updating offline cache

MFSA 2013-99 Security bypass of PDF.js checks using iframes

MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing

MFSA 2013-101 Memory corruption in workers

MFSA 2013-102 Use-after-free in HTML document templates


Discovery 2013-10-29
Entry 2013-10-30
Modified 2013-10-31
firefox
lt 24.1.0,1

linux-firefox
lt 25.0,1

linux-seamonkey
lt 2.22

linux-thunderbird
lt 24.1.0

seamonkey
lt 2.22

thunderbird
lt 24.1.0

CVE-2013-1739
CVE-2013-5590
CVE-2013-5591
CVE-2013-5592
CVE-2013-5593
CVE-2013-5595
CVE-2013-5596
CVE-2013-5597
CVE-2013-5598
CVE-2013-5599
CVE-2013-5600
CVE-2013-5601
CVE-2013-5602
CVE-2013-5603
CVE-2013-5604
https://www.mozilla.org/security/announce/2013/mfsa2013-93.html
https://www.mozilla.org/security/announce/2013/mfsa2013-94.html
https://www.mozilla.org/security/announce/2013/mfsa2013-95.html
https://www.mozilla.org/security/announce/2013/mfsa2013-96.html
https://www.mozilla.org/security/announce/2013/mfsa2013-97.html
https://www.mozilla.org/security/announce/2013/mfsa2013-98.html
https://www.mozilla.org/security/announce/2013/mfsa2013-99.html
https://www.mozilla.org/security/announce/2013/mfsa2013-100.html
https://www.mozilla.org/security/announce/2013/mfsa2013-101.html
https://www.mozilla.org/security/announce/2013/mfsa2013-102.html
http://www.mozilla.org/security/known-vulnerabilities/