Information Security


Multiple security vulnerabilities in Mozilla Firefox / SeaMonkey
Published: June 25, 2010
Source:
SecurityVulns ID: 10955
Type: client
Severity: 8/10
Description: Multiple memory corruptions, integer overflow, use-after-free, information leak, buffer overflow, content filtering bypass.
Affected products: MOZILLA : SeaMonkey 2.0
 MOZILLA : Firefox 3.5
 MOZILLA : Firefox 3.6
 MOZILLA : Thunderbird 3.0
CVE: CVE-2010-1203 (The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp.)
 CVE-2010-1202 (Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2010-1201 (Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2010-1200 (Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.)
 CVE-2010-1199 (Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.)
 CVE-2010-1198 (Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.)
 CVE-2010-1197 (Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an uploaded HTML document.)
 CVE-2010-1196 (Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM node with a long text value that triggers a heap-based buffer overflow.)
 CVE-2010-1125 (The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.)
 CVE-2010-0183 (Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame construction process for menus.)
 CVE-2008-5913 (An unspecified function in the JavaScript implementation in Mozilla Firefox creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing attack." NOTE: as of 20090116, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.)
Original text: ZDI, ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-33 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-32 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-31 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-30 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-29 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-28 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-27 (25.06.2010)
 MOZILLA, Mozilla Foundation Security Advisory 2010-26 (25.06.2010)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod