FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 05:42:14 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
67bd39ba-12b5-11dd-bab7-0016179b2dd5	firefox -- javascript garbage collector vulnerability Mozilla Foundation reports: Fixes for security problems in the JavaScript engine described in MFSA 2008-15 introduced a stability problem, where some users experienced crashes during JavaScript garbage collection. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past. Discovery 2008-04-16 Entry 2008-04-25 Modified 2009-12-12 firefox < 2.0.0.14,1 linux-firefox linux-firefox-devel < 2.0.0.14 seamonkey linux-seamonkey < 1.1.10 flock linux-flock < 1.1.2 linux-seamonkey-devel > 0 thunderbird linux-thunderbird < 2.0.0.14 CVE-2008-1237 CVE-2008-1380 28818 http://secunia.com/advisories/29787 http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
2273879e-8a2f-11dd-a6fe-0030843d3802	mozilla -- multiple vulnerabilities The Mozilla Foundation reports: MFSA 2008-37 UTF-8 URL stack buffer overflow MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw MFSA 2008-40 Forced mouse drag MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) MFSA 2008-43 BOM characters stripped from JavaScript before execution MFSA 2008-44 resource: traversal vulnerabilities MFSA 2008-45 XBM image uninitialized memory reading Discovery 2008-09-24 Entry 2008-09-24 Modified 2009-12-12 firefox < 2.0.0.17,1 > 3.*,1 lt 3.0.2,1 linux-firefox linux-firefox-devel < 2.0.0.17 seamonkey linux-seamonkey < 1.1.12 thunderbird linux-thunderbird < 2.0.0.17 flock linux-flock < 2.0 linux-seamonkey-devel > 0 CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4063 CVE-2008-4064 CVE-2008-4065 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 http://www.mozilla.org/security/announce/2008/mfsa2008-37.html http://www.mozilla.org/security/announce/2008/mfsa2008-38.html http://www.mozilla.org/security/announce/2008/mfsa2008-39.html http://www.mozilla.org/security/announce/2008/mfsa2008-40.html http://www.mozilla.org/security/announce/2008/mfsa2008-41.html http://www.mozilla.org/security/announce/2008/mfsa2008-42.html http://www.mozilla.org/security/announce/2008/mfsa2008-43.html http://www.mozilla.org/security/announce/2008/mfsa2008-44.html http://www.mozilla.org/security/announce/2008/mfsa2008-45.html

VuXML ID

Description

67bd39ba-12b5-11dd-bab7-0016179b2dd5

firefox -- javascript garbage collector vulnerability

Mozilla Foundation reports:

Fixes for security problems in the JavaScript engine described in MFSA 2008-15 introduced a stability problem, where some users experienced crashes during JavaScript garbage collection. This is being fixed primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.

Discovery 2008-04-16
Entry 2008-04-25
Modified 2009-12-12
firefox

< 2.0.0.14,1

linux-firefox
linux-firefox-devel

< 2.0.0.14

seamonkey
linux-seamonkey

< 1.1.10

flock
linux-flock

< 1.1.2

linux-seamonkey-devel

> 0

thunderbird
linux-thunderbird

< 2.0.0.14

CVE-2008-1237
CVE-2008-1380
28818
http://secunia.com/advisories/29787
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

2273879e-8a2f-11dd-a6fe-0030843d3802

mozilla -- multiple vulnerabilities

The Mozilla Foundation reports:

MFSA 2008-37

UTF-8 URL stack buffer overflow

MFSA 2008-38

nsXMLDocument::OnChannelRedirect() same-origin violation

MFSA 2008-39

Privilege escalation using feed preview page and XSS flaw

MFSA 2008-40

Forced mouse drag

MFSA 2008-41

Privilege escalation via XPCnativeWrapper pollution

MFSA 2008-42

Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)

MFSA 2008-43

BOM characters stripped from JavaScript before execution

MFSA 2008-44

resource: traversal vulnerabilities

MFSA 2008-45

XBM image uninitialized memory reading

Discovery 2008-09-24
Entry 2008-09-24
Modified 2009-12-12
firefox

< 2.0.0.17,1

> 3.*,1 lt 3.0.2,1

linux-firefox
linux-firefox-devel

< 2.0.0.17

seamonkey
linux-seamonkey

< 1.1.12

thunderbird
linux-thunderbird

< 2.0.0.17

flock
linux-flock

< 2.0

linux-seamonkey-devel

> 0

CVE-2008-0016
CVE-2008-3835
CVE-2008-3836
CVE-2008-3837
CVE-2008-4058
CVE-2008-4059
CVE-2008-4060
CVE-2008-4061
CVE-2008-4062
CVE-2008-4063
CVE-2008-4064
CVE-2008-4065
CVE-2008-4067
CVE-2008-4068
CVE-2008-4069
http://www.mozilla.org/security/announce/2008/mfsa2008-37.html
http://www.mozilla.org/security/announce/2008/mfsa2008-38.html
http://www.mozilla.org/security/announce/2008/mfsa2008-39.html
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
http://www.mozilla.org/security/announce/2008/mfsa2008-41.html
http://www.mozilla.org/security/announce/2008/mfsa2008-42.html
http://www.mozilla.org/security/announce/2008/mfsa2008-43.html
http://www.mozilla.org/security/announce/2008/mfsa2008-44.html
http://www.mozilla.org/security/announce/2008/mfsa2008-45.html