This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-19 05:30:57 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
cbfde1cd-87eb-11d9-aa18-0001020eed82 | mozilla -- arbitrary code execution vulnerability A Mozilla Foundation Security Advisory reports:
Workaround: Disable JavaScript. Discovery 2005-02-24 Entry 2005-02-26 firefox < 1.0.1,1 mozilla < 1.7.6,2 linux-mozilla linux-mozilla-devel < 1.7.6 netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-0527 http://www.mikx.de/fireflashing/ http://www.mikx.de/firescrolling/ http://www.mozilla.org/security/announce/mfsa2005-27.html |
5d72701a-f601-11d9-bcd1-02061b08fc24 | firefox & mozilla -- multiple vulnerabilities The Mozilla Foundation reports of multiple security vulnerabilities in Firefox and Mozilla:
Discovery 2005-07-12 Entry 2005-07-16 firefox < 1.0.5,1 linux-firefox < 1.0.5 mozilla < 1.7.9,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.9 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-1937 CVE-2005-2260 CVE-2005-2261 CVE-2005-2262 CVE-2005-2263 CVE-2005-2264 CVE-2005-2265 CVE-2005-2266 CVE-2005-2267 CVE-2005-2268 CVE-2005-2269 CVE-2005-2270 http://www.mozilla.org/projects/security/known-vulnerabilities.html http://www.mozilla.org/security/announce/mfsa2005-45.html http://www.mozilla.org/security/announce/mfsa2005-46.html http://www.mozilla.org/security/announce/mfsa2005-47.html http://www.mozilla.org/security/announce/mfsa2005-48.html http://www.mozilla.org/security/announce/mfsa2005-49.html http://www.mozilla.org/security/announce/mfsa2005-50.html http://www.mozilla.org/security/announce/mfsa2005-51.html http://www.mozilla.org/security/announce/mfsa2005-52.html http://www.mozilla.org/security/announce/mfsa2005-53.html http://www.mozilla.org/security/announce/mfsa2005-54.html http://www.mozilla.org/security/announce/mfsa2005-55.html http://www.mozilla.org/security/announce/mfsa2005-56.html |
3fbf9db2-658b-11d9-abad-000a95bc6fae | mozilla -- heap overflow in NNTP handler Maurycy Prodeus reports a critical vulnerability in Mozilla-based browsers:
Discovery 2004-12-29 Entry 2005-01-13 de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 gt 0 mozilla-gtk1 linux-mozilla linux-mozilla-devel < 1.7.5 mozilla < 1.7.5,2 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape mozilla+ipv6 mozilla-embedded mozilla-gtk2 mozilla-gtk ge 0 CVE-2004-1316 http://isec.pl/vulnerabilities/isec-0020-mozilla.txt http://marc.theaimsgroup.com/?l=bugtraq&m=110436284718949 |
a81746a1-c2c7-11d9-89f7-02061b08fc24 | mozilla -- "Wrapped" javascript: urls bypass security checks A Mozilla Foundation Security Advisory reports:
Discovery 2005-05-11 Entry 2005-05-12 firefox < 1.0.4,1 linux-firefox < 1.0.4 mozilla < 1.7.8,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.8 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 http://www.mozilla.org/security/announce/mfsa2005-43.html |
b2e6d1d6-1339-11d9-bc4a-000c41e2cdad | mozilla -- scripting vulnerabilities Several scripting vulnerabilities were discovered and corrected in Mozilla:
Discovery 2004-09-13 Entry 2004-09-30 thunderbird < 0.8 de-linux-mozillafirebird el-linux-mozillafirebird firefox ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird < 1.p de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 le 7.2 mozilla-gtk1 linux-mozilla linux-mozilla-devel < 1.7.3 mozilla < 1.7.3,2 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix ge 0 CVE-2004-0905 CVE-2004-0908 CVE-2004-0909 http://bugzilla.mozilla.org/show_bug.cgi?id=250862 http://bugzilla.mozilla.org/show_bug.cgi?id=257523 http://bugzilla.mozilla.org/show_bug.cgi?id=253942 |
a7e0d783-131b-11d9-bc4a-000c41e2cdad | mozilla -- users may be lured into bypassing security dialogs According to the Mozilla project:
Discovery 2004-06-05 Entry 2004-09-30 thunderbird < 0.7 de-linux-mozillafirebird el-linux-mozillafirebird firefox ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird < 0.9.2 de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 le 7.2 mozilla-gtk1 linux-mozilla linux-mozilla-devel < 1.7 mozilla < 1.7,2 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix ge 0 CVE-2004-0762 http://bugzilla.mozilla.org/show_bug.cgi?id=162020 |
7d2aac52-9c6b-11d9-99a7-000a95bc6fae | mozilla -- heap buffer overflow in GIF image processing A Mozilla Foundation Security Advisory states:
Discovery 2005-03-10 Entry 2005-03-24 firefox < 1.0.2,1 thunderbird linux-firefox < 1.0.2 mozilla < 1.7.6,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.6 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-0399 http://www.mozilla.org/security/announce/mfsa2005-30.html http://xforce.iss.net/xforce/alerts/id/191 https://bugzilla.mozilla.org/show_bug.cgi?id=285595 |
2e28cefb-2aee-11da-a263-0001020eed82 | firefox & mozilla -- command line URL shell command injection A Secunia Advisory reports:
Discovery 2005-09-06 Entry 2005-09-22 Modified 2005-10-26 firefox < 1.0.7,1 linux-firefox < 1.0.7 mozilla < 1.7.12,2 ge 1.8.*,2 linux-mozilla < 1.7.12 linux-mozilla-devel gt 0 netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-2968 https://bugzilla.mozilla.org/show_bug.cgi?id=307185 http://secunia.com/advisories/16869/ http://www.mozilla.org/security/announce/mfsa2005-59.html |
a6427195-c2c7-11d9-89f7-02061b08fc24 | mozilla -- privilege escalation via non-DOM property overrides A Mozilla Foundation Security Advisory reports:
The Mozilla Foundation Security Advisory MFSA 2005-41 reports:
Discovery 2005-05-11 Entry 2005-05-12 firefox < 1.0.4,1 linux-firefox < 1.0.4 mozilla < 1.7.8,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.8 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 http://www.mozilla.org/security/announce/mfsa2005-44.html |
f9e3e60b-e650-11d8-9b0a-000347a4fa7d | libpng stack-based buffer overflow and other code concerns Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service). Discovery 2004-08-04 Entry 2004-08-04 Modified 2004-08-15 png le 1.2.5_7 linux-png le 1.0.14_3 ge 1.2 le 1.2.2 firefox < 0.9.3 thunderbird < 0.7.3 linux-mozilla < 1.7.2 linux-mozilla-devel < 1.7.2 mozilla < 1.7.2,2 ge 1.8.a,2 le 1.8.a2,2 mozilla-gtk1 < 1.7.2 netscape-communicator netscape-navigator le 4.78 linux-netscape-communicator linux-netscape-navigator ko-netscape-navigator-linux ko-netscape-communicator-linux ja-netscape-communicator-linux ja-netscape-navigator-linux le 4.8 netscape7 ja-netscape7 le 7.1 pt_BR-netscape7 fr-netscape7 de-netscape7 le 7.02 http://www.securityfocus.com/archive/1/370853 http://scary.beasts.org/security/CESA-2004-001.txt http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 CVE-2004-0597 CVE-2004-0598 CVE-2004-0599 388984 236656 160448 477512 817368 286464 http://secunia.com/advisories/12219 http://secunia.com/advisories/12232 http://bugzilla.mozilla.org/show_bug.cgi?id=251381 TA04-217A http://dl.sourceforge.net/sourceforge/libpng/ADVISORY.txt |
1989b511-ae62-11d9-a788-0001020eed82 | mozilla -- code execution through javascript: favicons A Mozilla Foundation Security Advisory reports:
Discovery 2005-04-12 Entry 2005-04-16 firefox < 1.0.3,1 linux-firefox < 1.0.3 mozilla < 1.7.7,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.7 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 http://www.mozilla.org/security/announce/mfsa2005-37.html |
f650d5b8-ae62-11d9-a788-0001020eed82 | mozilla -- privilege escalation via DOM property overrides A Mozilla Foundation Security Advisory reports:
Discovery 2005-04-15 Entry 2005-04-16 firefox < 1.0.3,1 linux-firefox < 1.0.3 mozilla < 1.7.7,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.7 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 http://www.mozilla.org/security/announce/mfsa2005-41.html |
ab9c559e-115a-11d9-bc4a-000c41e2cdad | mozilla -- BMP decoder vulnerabilities Gael Delalleau discovered several integer overflows in Mozilla's BMP decoder that can result in denial-of-service or arbitrary code execution. Discovery 2004-09-13 Entry 2004-09-28 Modified 2004-09-30 thunderbird < 0.7.3_1 de-linux-mozillafirebird el-linux-mozillafirebird firefox ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird linux-phoenix phoenix ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird < 0.9.3_1 de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 le 7.2 linux-mozilla linux-mozilla-devel < 1.7.3 mozilla-gtk1 < 1.7.2_3 mozilla < 1.7.2_2,2 ge 1.8.a,2 lt 1.8.a3_1,2 mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk mozilla-gtk2 mozilla-thunderbird linux-netscape de-linux-netscape fr-linux-netscape ja-linux-netscape ge 0 CVE-2004-0904 http://bugzilla.mozilla.org/show_bug.cgi?id=255067 TA04-261A 847200 |
b0911985-6e2a-11d9-9557-000a95bc6fae | web browsers -- window injection vulnerabilities A Secunia Research advisory reports:
A workaround for Mozilla-based browsers is available. Discovery 2004-12-08 Entry 2005-01-24 Modified 2005-02-26 firefox < 1.0.1,1 mozilla < 1.7.6,2 linux-mozilla linux-mozilla-devel < 1.7.6 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 mozilla-gtk1 ge 0 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix ge 0 kdebase kdelibs < 3.3.2 opera opera-devel linux-opera < 7.54.20050131 http://secunia.com/secunia_research/2004-13/advisory/ http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ CVE-2004-1156 http://secunia.com/advisories/13129/ https://bugzilla.mozilla.org/show_bug.cgi?id=273699 https://bugzilla.mozilla.org/show_bug.cgi?id=103638 http://mozillanews.org/?article_date=2004-12-08+06-48-46 CVE-2004-1157 http://secunia.com/advisories/13253/ CVE-2004-1158 http://secunia.com/advisories/13254/ http://www.kde.org/info/security/advisory-20041213-1.txt CVE-2004-1160 http://secunia.com/advisories/13402/ |
d022754d-8839-11d9-aa18-0001020eed82 | mozilla -- insecure temporary directory vulnerability A Mozilla Foundation Security Advisory reports:
Discovery 2005-02-06 Entry 2005-02-26 firefox < 1.0.1,1 mozilla < 1.7.6,2 linux-mozilla linux-mozilla-devel < 1.7.6 netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 http://www.mozilla.org/security/announce/mfsa2005-28.html https://bugzilla.mozilla.org/show_bug.cgi?id=281284 |
8665ebb9-2237-11da-978e-0001020eed82 | firefox & mozilla -- buffer overflow vulnerability Tom Ferris reports:
Note: It is possible to disable IDN support as a workaround to protect against this buffer overflow. How to do this is described on the What Firefox and Mozilla users should know about the IDN buffer overflow security issue web page. Discovery 2005-09-08 Entry 2005-09-10 Modified 2005-10-26 firefox < 1.0.6_5,1 linux-firefox < 1.0.7 mozilla < 1.7.11_1,2 ge 1.8.*,2 lt 1.8.b1_5,2 linux-mozilla < 1.7.12 linux-mozilla-devel gt 0 netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 14784 573857 CVE-2005-2871 http://marc.theaimsgroup.com/?l=full-disclosure&m=112624614008387 http://www.mozilla.org/security/idn.html https://bugzilla.mozilla.org/show_bug.cgi?id=307259 http://www.mozilla.org/security/announce/mfsa2005-57.html |
a77849a5-696f-11d9-ae49-000c41e2cdad | mozilla -- insecure permissions for some downloaded files In a Mozilla bug report, Daniel Kleinsinger writes:
This could expose the contents of downloaded files or email attachments to other users on a multi-user system. Discovery 2004-07-13 Entry 2005-01-18 thunderbird < 0.9 de-linux-mozillafirebird el-linux-mozillafirebird firefox ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird < 1.0.r2,1 de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 le 7.2 mozilla-gtk1 linux-mozilla linux-mozilla-devel < 1.7.5 mozilla < 1.7.5,2 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix ge 0 https://bugzilla.mozilla.org/show_bug.cgi?id=251297 http://marc.theaimsgroup.com/?l=full-disclosure&m=109865078103911 |
8f5dd74b-2c61-11da-a263-0001020eed82 | firefox & mozilla -- multiple vulnerabilities A Mozilla Foundation Security Advisory reports of multiple issues:
Discovery 2005-09-22 Entry 2005-09-23 Modified 2005-10-26 firefox < 1.0.7,1 linux-firefox < 1.0.7 mozilla < 1.7.12,2 ge 1.8.*,2 linux-mozilla < 1.7.12 linux-mozilla-devel gt 0 netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-2701 CVE-2005-2702 CVE-2005-2703 CVE-2005-2704 CVE-2005-2705 CVE-2005-2706 CVE-2005-2707 http://www.mozilla.org/security/announce/mfsa2005-58.html |
eca6195a-c233-11d9-804c-02061b08fc24 | mozilla -- code execution via javascript: IconURL vulnerability A Mozilla Foundation Security Advisory reports:
Discovery 2005-05-08 Entry 2005-05-11 firefox < 1.0.4,1 linux-firefox < 1.0.4 mozilla < 1.7.8,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.8 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-1476 CVE-2005-1477 http://www.mozilla.org/security/announce/mfsa2005-42.html |
5360a659-131c-11d9-bc4a-000c41e2cdad | mozilla -- hostname spoofing bug When processing URIs that contain an unqualified host name-- specifically, a domain name of only one component-- Mozilla will perform matching against the first component of the domain name in SSL certificates. In other words, in some situations, a certificate issued to "www.example.com" will be accepted as matching "www". Discovery 2004-02-12 Entry 2004-09-30 thunderbird < 0.7 de-linux-mozillafirebird el-linux-mozillafirebird firefox ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird < 0.9.2 de-netscape7 fr-netscape7 ja-netscape7 netscape7 pt_BR-netscape7 le 7.2 mozilla-gtk1 linux-mozilla linux-mozilla-devel < 1.7 mozilla < 1.7,2 de-linux-netscape fr-linux-netscape ja-linux-netscape linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix ge 0 CVE-2004-0765 http://bugzilla.mozilla.org/show_bug.cgi?id=234058 |
45b75152-ae5f-11d9-a788-0001020eed82 | mozilla -- javascript "lambda" replace exposes memory contents A Mozilla Foundation Security Advisory reports:
Discovery 2005-04-01 Entry 2005-04-16 firefox < 1.0.3,1 linux-firefox < 1.0.3 mozilla < 1.7.7,2 ge 1.8.*,2 linux-mozilla linux-mozilla-devel < 1.7.7 ge 1.8.* netscape7 ge 0 de-linux-mozillafirebird el-linux-mozillafirebird ja-linux-mozillafirebird-gtk1 ja-mozillafirebird-gtk2 linux-mozillafirebird ru-linux-mozillafirebird zhCN-linux-mozillafirebird zhTW-linux-mozillafirebird ge 0 de-linux-netscape de-netscape7 fr-linux-netscape fr-netscape7 ja-linux-netscape ja-netscape7 linux-netscape linux-phoenix mozilla+ipv6 mozilla-embedded mozilla-firebird mozilla-gtk1 mozilla-gtk2 mozilla-gtk mozilla-thunderbird phoenix pt_BR-netscape7 ge 0 CVE-2005-0989 http://www.mozilla.org/security/announce/mfsa2005-33.html https://bugzilla.mozilla.org/show_bug.cgi?id=288688 |