FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
9ccfee39-3c3b-11df-9edc-000f20797ede	mozilla -- multiple vulnerabilities Mozilla Project reports: MFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy MFSA 2010-23 Image src redirect to mailto: URL opens email editor MFSA 2010-22 Update NSS to support TLS renegotiation indication MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19) Discovery 2010-03-30 Entry 2010-03-30 seamonkey > 2.0 lt 2.0.4 thunderbird >= 3.0 lt 3.0.4 firefox > 3.5.,1 lt 3.5.9,1 > 3.,1 lt 3.0.19,1 linux-firefox < 3.0.19,1 linux-firefox-devel < 3.5.9 nss linux-f10-nss < 3.12.5 CVE-2010-0181 CVE-2009-3555 CVE-2010-0179 CVE-2010-0178 CVE-2010-0177 CVE-2010-0176 CVE-2010-0175 CVE-2010-0174 CVE-2010-0173 http://www.mozilla.org/security/announce/2010/mfsa2010-24.html http://www.mozilla.org/security/announce/2010/mfsa2010-23.html http://www.mozilla.org/security/announce/2010/mfsa2010-22.html http://www.mozilla.org/security/announce/2010/mfsa2010-21.html http://www.mozilla.org/security/announce/2010/mfsa2010-20.html http://www.mozilla.org/security/announce/2010/mfsa2010-19.html http://www.mozilla.org/security/announce/2010/mfsa2010-18.html http://www.mozilla.org/security/announce/2010/mfsa2010-17.html http://www.mozilla.org/security/announce/2010/mfsa2010-16.html
4cb165f0-6e48-423e-8147-92255d35c0f7	NSS -- multiple vulnerabilities Mozilla Foundation reports: An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5. A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5. Discovery 2017-03-17 Entry 2017-04-19 nss linux-f10-nss linux-c6-nss linux-c7-nss >= 3.30 lt 3.30.1 >= 3.29 lt 3.29.5 >= 3.22 lt 3.28.4 < 3.21.4 CVE-2017-5461 CVE-2017-5462 https://hg.mozilla.org/projects/nss/rev/99a86619eac9 https://hg.mozilla.org/projects/nss/rev/e126381a3c29

VuXML ID

Description

9ccfee39-3c3b-11df-9edc-000f20797ede

mozilla -- multiple vulnerabilities

Mozilla Project reports:

MFSA 2010-24 XMLDocument::load() doesn't check nsIContentPolicy

MFSA 2010-23 Image src redirect to mailto: URL opens email editor

MFSA 2010-22 Update NSS to support TLS renegotiation indication

MFSA 2010-21 Arbitrary code execution with Firebug XMLHttpRequestSpy

MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop

MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray

MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView

MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection

MFSA 2010-16 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)

Discovery 2010-03-30
Entry 2010-03-30
seamonkey

> 2.0 lt 2.0.4

thunderbird

>= 3.0 lt 3.0.4

firefox

> 3.5.*,1 lt 3.5.9,1

> 3.*,1 lt 3.0.19,1

linux-firefox

< 3.0.19,1

linux-firefox-devel

< 3.5.9

nss
linux-f10-nss

< 3.12.5

CVE-2010-0181
CVE-2009-3555
CVE-2010-0179
CVE-2010-0178
CVE-2010-0177
CVE-2010-0176
CVE-2010-0175
CVE-2010-0174
CVE-2010-0173
http://www.mozilla.org/security/announce/2010/mfsa2010-24.html
http://www.mozilla.org/security/announce/2010/mfsa2010-23.html
http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
http://www.mozilla.org/security/announce/2010/mfsa2010-21.html
http://www.mozilla.org/security/announce/2010/mfsa2010-20.html
http://www.mozilla.org/security/announce/2010/mfsa2010-19.html
http://www.mozilla.org/security/announce/2010/mfsa2010-18.html
http://www.mozilla.org/security/announce/2010/mfsa2010-17.html
http://www.mozilla.org/security/announce/2010/mfsa2010-16.html

4cb165f0-6e48-423e-8147-92255d35c0f7

NSS -- multiple vulnerabilities

Mozilla Foundation reports:

An out-of-bounds write during Base64 decoding operation in the Network Security Services (NSS) library due to insufficient memory being allocated to the buffer. This results in a potentially exploitable crash. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5.

A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox 53 has been updated with NSS version 3.29.5.

Discovery 2017-03-17
Entry 2017-04-19
nss
linux-f10-nss
linux-c6-nss
linux-c7-nss

>= 3.30 lt 3.30.1

>= 3.29 lt 3.29.5

>= 3.22 lt 3.28.4

< 3.21.4

CVE-2017-5461
CVE-2017-5462
https://hg.mozilla.org/projects/nss/rev/99a86619eac9
https://hg.mozilla.org/projects/nss/rev/e126381a3c29