summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Wilke <miwi@FreeBSD.org>2009-12-16 10:44:01 +0000
committerMartin Wilke <miwi@FreeBSD.org>2009-12-16 10:44:01 +0000
commit7eeff2d03d19d85d7101313f2c5f21f909d0f875 (patch)
tree67f58eefb1b59edb37c4df6d5130778ce473eedb
parentSince this is already included in the base system of all supported (diff)
- Document mozilla -- multiple vulnerabilities
Notes
Notes: svn path=/head/; revision=245976
Diffstat
-rw-r--r--security/vuxml/vuln.xml61
1 files changed, 61 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 84cc3e112d6e..43901dbc60b5 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -35,6 +35,67 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="01c57d20-ea26-11de-bd39-00248c9b4be7">
+ <topic>mozilla -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>firefox</name>
+ <range><gt>3.5.*,1</gt><lt>3.5.6,1</lt></range>
+ <range><gt>3.*,1</gt><lt>3.0.16,1</lt></range>
+ </package>
+ <package>
+ <name>linux-firefox</name>
+ <range><lt>3.0.16,1</lt></range>
+ </package>
+ <package>
+ <name>seamonkey</name>
+ <name>linux-seamonkey</name>
+ <range><lt>2.0.1</lt></range>
+ </package>
+
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Mozilla Porject reports:</p>
+ <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">
+ <p>MFSA 2009-71 GeckoActiveXObject exception messages can be used to
+ enumerate installed COM objects</p>
+ <p>MFSA 2009-70 Privilege escalation via chrome window.opener</p>
+ <p>MFSA 2009-69 Location bar spoofing vulnerabilities</p>
+ <p>MFSA 2009-68 NTLM reflection vulnerability</p>
+ <p>MFSA 2009-67 Integer overflow, crash in libtheora video
+ library</p>
+ <p>MFSA 2009-66 Memory safety fixes in liboggplay media library</p>
+ <p>MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/
+ 1.9.0.16)</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2009-3388</cvename>
+ <cvename>CVE-2009-3389</cvename>
+ <cvename>CVE-2009-3979</cvename>
+ <cvename>CVE-2009-3980</cvename>
+ <cvename>CVE-2009-3981</cvename>
+ <cvename>CVE-2009-3982</cvename>
+ <cvename>CVE-2009-3983</cvename>
+ <cvename>CVE-2009-3984</cvename>
+ <cvename>CVE-2009-3985</cvename>
+ <cvename>CVE-2009-3986</cvename>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-71.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-70.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-69.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-68.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-67.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-66.html</url>
+ <url>http://www.mozilla.org/security/announce/2009/mfsa2009-65.html</url>
+ </references>
+ <dates>
+ <discovery>2009-12-16</discovery>
+ <entry>2009-12-16</entry>
+ </dates>
+ </vuln>
+
<vuln vid="1b3f854b-e4bd-11de-b276-000d8787e1be">
<topic>freeradius -- remote packet of death vulnerability</topic>
<affects>
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-20 11:59:52 +0000