diff options
| author | Beat Gaetzi <beat@FreeBSD.org> | 2014-02-04 21:19:13 +0000 |
|---|---|---|
| committer | Beat Gaetzi <beat@FreeBSD.org> | 2014-02-04 21:19:13 +0000 |
| commit | 0b4b153416f9e7cfed2e99bb135937a42b567641 (patch) | |
| tree | cc12a3dc47c1ae30f5f6c4f4f34a4a93e6ef3958 /security | |
| parent | efa53a3a2db2474432207c4181d95f37b69789e3 (diff) | |
| download | ports-0b4b153416f9e7cfed2e99bb135937a42b567641.tar.gz ports-0b4b153416f9e7cfed2e99bb135937a42b567641.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index ccf3a95598e6..38f49affb724 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,100 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="1753f0ff-8dd5-11e3-9b45-b4b52fce4ce8"> + <topic>mozilla -- multiple vulnerabilities</topic> + <affects> + <package> + <name>firefox</name> + <range><gt>25.0,1</gt><lt>27.0,1</lt></range> + <range><lt>24.3.0,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>27.0,1</lt></range> + </package> + <package> + <name>linux-seamonkey</name> + <range><lt>2.24</lt></range> + </package> + <package> + <name>linux-thunderbird</name> + <range><lt>24.3.0</lt></range> + </package> + <package> + <name>seamonkey</name> + <range><lt>2.24</lt></range> + </package> + <package> + <name>thunderbird</name> + <range><lt>24.3.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Mozilla Project reports:</p> + <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/"> + <p>MFSA 2014-01 Miscellaneous memory safety hazards + (rv:27.0 / rv:24.3)</p> + <p>MFSA 2014-02 Clone protected content with XBL scopes</p> + <p>MFSA 2014-03 UI selection timeout missing on download + prompts</p> + <p>MFSA 2014-04 Incorrect use of discarded images by + RasterImage</p> + <p>MFSA 2014-05 Information disclosure with *FromPoint on + iframes</p> + <p>MFSA 2014-06 Profile path leaks to Android system log</p> + <p>MFSA 2014-07 XSLT stylesheets treated as styles in Content + Security Policy</p> + <p>MFSA 2014-08 Use-after-free with imgRequestProxy and image + proccessing</p> + <p>MFSA 2014-09 Cross-origin information leak through web + workers</p> + <p>MFSA 2014-10 Firefox default start page UI content invokable + by script</p> + <p>MFSA 2014-11 Crash when using web workers with asm.js</p> + <p>MFSA 2014-12 NSS ticket handling issues</p> + <p>MFSA 2014-13 Inconsistent JavaScript handling of access to + Window objects</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-1477</cvename> + <cvename>CVE-2014-1478</cvename> + <cvename>CVE-2014-1479</cvename> + <cvename>CVE-2014-1480</cvename> + <cvename>CVE-2014-1481</cvename> + <cvename>CVE-2014-1482</cvename> + <cvename>CVE-2014-1483</cvename> + <cvename>CVE-2014-1484</cvename> + <cvename>CVE-2014-1485</cvename> + <cvename>CVE-2014-1486</cvename> + <cvename>CVE-2014-1487</cvename> + <cvename>CVE-2014-1488</cvename> + <cvename>CVE-2014-1489</cvename> + <cvename>CVE-2014-1490</cvename> + <cvename>CVE-2014-1491</cvename> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-01.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-02.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-03.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-04.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-05.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-06.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-07.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-08.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-09.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-10.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-11.html</url> + <url>https://www.mozilla.org/security/announce/2014/mfsa2014-12.html</url> + <url>http://www.mozilla.org/security/known-vulnerabilities/</url> + </references> + <dates> + <discovery>2014-02-04</discovery> + <entry>2014-02-04</entry> + </dates> + </vuln> + <vuln vid="111f1f84-1d14-4ff2-a9ea-cf07119c0d3b"> <topic>libyaml heap overflow resulting in possible code execution</topic> <affects> |