505087 : vulnerable Mozilla Firefox version: 14.0.1

Risk 5 : Web Services

A remote attacker could execute arbitrary commands on a client system, disclose certain sensitive information, or bypass certain security restrictions when the client browses to a malicious web site hosted by the attacker.

Mozilla is an Internet package containing a web browser, e-mail client, address book, and web page editor. Mozilla SeaMonkey is an application suite including web-browser, e-mail and newsgroup client, IRC chat client, and HTML editor. Mozilla Firefox is an enhancement of the Mozilla web browser.

Cyberfox is a 64-bit browser based on Mozilla Firefox browser. This software is compatible with Windows Vista, Windows 7, and Windows 8.

The Simple Object Access Protocol (SOAP) is a protocol which allows two applications to communicate using XML.

As a client application, all vulnerabilities in Firefox are caused when a crafted file or web page is accessed.

Multiple Vulnerabilities fixed in Firefox 26, SeaMonkey 2.23, and Cyberfox 26.0

12/16/13 CVE 2013-5609 CVE 2013-5610 CVE 2013-5611 CVE 2013-5612 CVE 2013-5613 CVE 2013-5614 CVE 2013-5615 CVE 2013-5616 CVE 2013-5618 CVE 2013-5619 CVE 2013-6629 CVE 2013-6630 CVE 2013-6671 CVE 2013-6672 CVE 2013-6673 Firefox 26 and 24.2, SeaMonkey 2.23 and Cyberfox 26.0 fixed multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 25.0.1, SeaMonkey 2.22.1, and Cyberfox 25.0.1

11/21/13 CVE 2013-1741 CVE 2013-2566 CVE 2013-5605 CVE 2013-5606 CVE 2013-5607 Firefox 25.0.1, 24.1.1, and 17.0.11, SeaMonkey 2.22.1, and Cyberfox 25.0.1 fixed multiple vulnerabilities, which can be exploited to bypass certain security restrictions and compromise a user's system. The vulnerabilities are due to vulnerable version of Network Security Services (NSS) library used in Mozilla projects.

Multiple Vulnerabilities fixed in Firefox 25.0, SeaMonkey 2.22, and Cyberfox 25.0

11/07/13 CVE 2013-5590 CVE 2013-5591 CVE 2013-5592 CVE 2013-5593 CVE 2013-5595 CVE 2013-5596 CVE 2013-5597 CVE 2013-5598 CVE 2013-5599 CVE 2013-5600 CVE 2013-5601 CVE 2013-5602 CVE 2013-5603 CVE 2013-5604 Firefox 25.0, 24.1, and 17.0.10, SeaMonkey 2.22, and Cyberfox 25.0 fixed multiple vulnerabilities, which can be exploited to conduct spoofing attacks and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 24.0 and 17.0.9, SeaMonkey 2.21, and Cyberfox 24.0

09/26/13 CVE 2013-1718 CVE 2013-1719 CVE 2013-1720 CVE 2013-1721 CVE 2013-1722 CVE 2013-1724 CVE 2013-1725 CVE 2013-1726 CVE 2013-1728 CVE 2013-1729 CVE 2013-1730 CVE 2013-1732 CVE 2013-1735 CVE 2013-1736 CVE 2013-1737 CVE 2013-1738 Firefox 24.0 and 17.0.9, SeaMonkey 2.21, and Cyberfox 24.0 fixed multiple vulnerabilities, which can be exploited to gain escalated privileges, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 23.0 and 17.0.8, SeaMonkey 2.20, and Cyberfox 23.0

08/13/13 CVE 2013-1701 CVE 2013-1702 CVE 2013-1704 CVE 2013-1705 CVE 2013-1706 CVE 2013-1707 CVE 2013-1709 CVE 2013-1710 CVE 2013-1711 CVE 2013-1713 CVE 2013-1714 CVE 2013-1717 Firefox 23.0 and 17.0.8, SeaMonkey 2.20, and Cyberfox 23.0 fixed multiple vulnerabilities, which can be exploited to gain escalated privileges, conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 22.0 and 17.0.7

06/27/13 CVE 2013-1682 CVE 2013-1683 CVE 2013-1684 CVE 2013-1685 CVE 2013-1686 CVE 2013-1687 CVE 2013-1688 CVE 2013-1690 CVE 2013-1692 CVE 2013-1693 CVE 2013-1694 CVE 2013-1695 CVE 2013-1696 CVE 2013-1697 CVE 2013-1698 CVE 2013-1699 CVE 2013-1700 Firefox 22.0 and 17.0.7 fixed multiple vulnerabilities, which can be exploited to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 21.0 and 17.0.6

05/16/13 CVE 2013-0801 CVE 2013-1669 CVE 2013-1670 CVE 2013-1672 CVE 2013-1673 CVE 2013-1674 CVE 2013-1678 CVE 2013-1679 CVE 2013-1680 CVE 2013-1681 Firefox 21.0 and 17.0.6 fixed multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 20.0 and 17.0.5 and SeaMonkey 2.17

04/04/13 CVE 2013-0788 CVE 2013-0789 CVE 2013-0791 CVE 2013-0792 CVE 2013-0793 CVE 2013-0794 CVE 2013-0795 CVE 2013-0796 CVE 2013-0797 CVE 2013-0799 CVE 2013-0800 Firefox 20.0 and 17.0.5 and SeaMonkey 2.17 fixed multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a user's system.

HTML Editor Use-After-Free Vulnerability

03/11/13 CVE 2013-0787 Firefox 19.0.2 and 17.0.4 and SeaMonkey 2.16.1 fixed a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a use-after-free error within the HTML editor when content script is run by the "document.execCommand()" function while performing certain internal editing operations. This can be exploited to reference data from already freed memory.

Multiple Vulnerabilities fixed in Firefox 19.0 and 17.0.3 and SeaMonkey 2.16

02/21/13 CVE 2013-0765 CVE 2013-0772 CVE 2013-0773 CVE 2013-0774 CVE 2013-0775 CVE 2013-0776 CVE 2013-0777 CVE 2013-0778 CVE 2013-0779 CVE 2013-0780 CVE 2013-0781 CVE 2013-0782 CVE 2013-0783 CVE 2013-0784 Firefox 19.0 and 17.0.3 and SeaMonkey 2.16 fixed multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 17.0.2 and 10.0.12 and SeaMonkey 2.15

01/10/13 CVE 2013-0744 CVE 2013-0745 CVE 2013-0746 CVE 2013-0747 CVE 2013-0748 CVE 2013-0749 CVE 2013-0750 CVE 2013-0751 CVE 2013-0752 CVE 2013-0753 CVE 2013-0754 CVE 2013-0755 CVE 2013-0756 CVE 2013-0757 CVE 2013-0758 CVE 2013-0759 CVE 2013-0760 CVE 2013-0761 CVE 2013-0762 CVE 2013-0763 CVE 2013-0764 CVE 2013-0766 CVE 2013-0767 CVE 2013-0768 CVE 2013-0769 CVE 2013-0770 CVE 2013-0771 Firefox 17.0.2 and 10.0.12 and SeaMonkey 2.15 fixed multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 17.0 and 10.0.11 and SeaMonkey 2.14

11/22/12 CVE 2012-4201 CVE 2012-4202 CVE 2012-4203 CVE 2012-4204 CVE 2012-4205 CVE 2012-4206 CVE 2012-4207 CVE 2012-4208 CVE 2012-4209 CVE 2012-4210 CVE 2012-4212 CVE 2012-4213 CVE 2012-4214 CVE 2012-4215 CVE 2012-4216 CVE 2012-4217 CVE 2012-4218 CVE 2012-5829 CVE 2012-5830 CVE 2012-5833 CVE 2012-5835 CVE 2012-5836 CVE 2012-5837 CVE 2012-5838 CVE 2012-5839 CVE 2012-5840 CVE 2012-5841 CVE 2012-5842 CVE 2012-5843 Firefox 17.0 and 10.0.11 and SeaMonkey 2.14 fixed multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 16.0.2 and 10.0.10 and SeaMonkey 2.13.2

10/30/12 CVE 2012-4194 CVE 2012-4195 CVE 2012-4196 Firefox 16.0.2, 10.0.10, and SeaMonkey 2.13.2 fixed multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

Multiple Vulnerabilities fixed in Firefox 16.0.1 and 10.0.9 and SeaMonkey 2.13.1

10/15/12 CVE 2012-4190 CVE 2012-4191 CVE 2012-4192 CVE 2012-4193 Firefox 16.0.1, 10.0.9, and SeaMonkey 2.13.1 fixed multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

Multiple Vulnerabilities fixed in Firefox 16 and 10.8 and SeaMonkey 2.13

10/11/12 CVE 2012-3982 CVE 2012-3983 CVE 2012-3984 CVE 2012-3985 CVE 2012-3986 CVE 2012-3987 CVE 2012-3988 CVE 2012-3989 CVE 2012-3990 CVE 2012-3991 CVE 2012-3992 CVE 2012-3993 CVE 2012-3994 CVE 2012-3995 CVE 2012-4179 CVE 2012-4180 CVE 2012-4181 CVE 2012-4182 CVE 2012-4183 CVE 2012-4185 CVE 2012-4186 CVE 2012-4187 CVE 2012-4188 Firefox 16.0, 10.0.8, and SeaMonkey 2.13 fixed multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

Multiple Vulnerabilities fixed in Mozilla Firefox 15 and SeaMonkey 2.12

08/30/12 CVE 2012-1956 CVE 2012-1970 CVE 2012-1971 CVE 2012-1972 CVE 2012-1973 CVE 2012-1974 CVE 2012-1975 CVE 2012-1976 CVE 2012-3956 CVE 2012-3957 CVE 2012-3958 CVE 2012-3959 CVE 2012-3960 CVE 2012-3961 CVE 2012-3962 CVE 2012-3963 CVE 2012-3964 CVE 2012-3965 CVE 2012-3966 CVE 2012-3967 CVE 2012-3968 CVE 2012-3969 CVE 2012-3970 CVE 2012-3971 CVE 2012-3972 CVE 2012-3973 CVE 2012-3974 CVE 2012-3975 CVE 2012-3976 CVE 2012-3977 CVE 2012-3978 CVE 2012-3980 Firefox 15 and SeaMonkey 2.12 fixed multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and compromise a user's system.

For information on most of the above bugs, see http://www.mozilla.org/projects/security/known-vulnerabilities.html Known Vulnerabilities in Mozilla.

The multiple vulnerabilities fixed in Firefox 26, SeaMonkey 2.23, and Cyberfox 26.0 were reported in http://secunia.com/advisories/56002/ Secunia Advisory SA56002, http://secunia.com/advisories/56005/ Secunia Advisory SA56005, http://secunia.com/advisories/56050/ Secunia Advisory SA56050, http://www.mozilla.org/security/announce/2013/mfsa2013-104.html mfsa2013-104, http://www.mozilla.org/security/announce/2013/mfsa2013-105.html mfsa2013-105, http://www.mozilla.org/security/announce/2013/mfsa2013-106.html mfsa2013-106, http://www.mozilla.org/security/announce/2013/mfsa2013-107.html mfsa2013-107, http://www.mozilla.org/security/announce/2013/mfsa2013-108.html mfsa2013-108, http://www.mozilla.org/security/announce/2013/mfsa2013-109.html mfsa2013-109, http://www.mozilla.org/security/announce/2013/mfsa2013-111.html mfsa2013-111, http://www.mozilla.org/security/announce/2013/mfsa2013-112.html mfsa2013-112, http://www.mozilla.org/security/announce/2013/mfsa2013-113.html mfsa2013-113, http://www.mozilla.org/security/announce/2013/mfsa2013-114.html mfsa2013-114, http://www.mozilla.org/security/announce/2013/mfsa2013-115.html mfsa2013-115, and http://www.mozilla.org/security/announce/2013/mfsa2013-116.html mfsa2013-116.

The multiple vulnerabilities fixed in Firefox 25.0.1, SeaMonkey 2.22.1, and Cyberfox 25.0.1 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-103.html mfsa2013-103, http://secunia.com/advisories/55732/ Secunia Advisory SA55732, and http://secunia.com/advisories/55766/ Secunia Advisory SA55766.

The multiple vulnerabilities fixed in Firefox 25.0, SeaMonkey 2.22, and Cyberfox 25.0 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-93.html mfsa2013-93, http://www.mozilla.org/security/announce/2013/mfsa2013-94.html mfsa2013-94, http://www.mozilla.org/security/announce/2013/mfsa2013-95.html mfsa2013-95, http://www.mozilla.org/security/announce/2013/mfsa2013-96.html mfsa2013-96, http://www.mozilla.org/security/announce/2013/mfsa2013-97.html mfsa2013-97, http://www.mozilla.org/security/announce/2013/mfsa2013-98.html mfsa2013-98, http://www.mozilla.org/security/announce/2013/mfsa2013-99.html mfsa2013-99, http://www.mozilla.org/security/announce/2013/mfsa2013-100.html mfsa2013-100, http://www.mozilla.org/security/announce/2013/mfsa2013-101.html mfsa2013-101, and http://www.mozilla.org/security/announce/2013/mfsa2013-102.html mfsa2013-102.

The multiple vulnerabilities fixed in Firefox 24.0 and 17.0.9, SeaMonkey 2.21, and Cyberfox 23.0 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-76.html mfsa2013-76, http://www.mozilla.org/security/announce/2013/mfsa2013-77.html mfsa2013-77, http://www.mozilla.org/security/announce/2013/mfsa2013-78.html mfsa2013-78, http://www.mozilla.org/security/announce/2013/mfsa2013-79.html mfsa2013-79, http://www.mozilla.org/security/announce/2013/mfsa2013-81.html mfsa2013-81, http://www.mozilla.org/security/announce/2013/mfsa2013-82.html mfsa2013-82, http://www.mozilla.org/security/announce/2013/mfsa2013-83.html mfsa2013-83, http://www.mozilla.org/security/announce/2013/mfsa2013-85.html mfsa2013-85, http://www.mozilla.org/security/announce/2013/mfsa2013-86.html mfsa2013-86, http://www.mozilla.org/security/announce/2013/mfsa2013-88.html mfsa2013-88, http://www.mozilla.org/security/announce/2013/mfsa2013-89.html mfsa2013-89, http://www.mozilla.org/security/announce/2013/mfsa2013-90.html mfsa2013-90, http://www.mozilla.org/security/announce/2013/mfsa2013-91.html mfsa2013-91, http://www.mozilla.org/security/announce/2013/mfsa2013-92.html mfsa2013-92, and http://secunia.com/community/advisories/54821 Secunia Advisory SA54821.

The multiple vulnerabilities fixed in Firefox 23.0 and 17.0.8, SeaMonkey 2.20, and Cyberfox 23.0 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-63.html mfsa2013-63, http://www.mozilla.org/security/announce/2013/mfsa2013-64.html mfsa2013-64, http://www.mozilla.org/security/announce/2013/mfsa2013-65.html mfsa2013-65, http://www.mozilla.org/security/announce/2013/mfsa2013-66.html mfsa2013-66, http://www.mozilla.org/security/announce/2013/mfsa2013-68.html mfsa2013-68, http://www.mozilla.org/security/announce/2013/mfsa2013-69.html mfsa2013-69, http://www.mozilla.org/security/announce/2013/mfsa2013-70.html mfsa2013-70, http://www.mozilla.org/security/announce/2013/mfsa2013-72.html mfsa2013-72, http://www.mozilla.org/security/announce/2013/mfsa2013-73.html mfsa2013-73, http://www.mozilla.org/security/announce/2013/mfsa2013-75.html mfsa2013-75, and http://secunia.com/advisories/54385/ Secunia Advisory SA54385.

The multiple vulnerabilities fixed in Firefox 22.0 and 17.0.7 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-49.html mfsa2013-49, http://www.mozilla.org/security/announce/2013/mfsa2013-50.html mfsa2013-50, http://www.mozilla.org/security/announce/2013/mfsa2013-51.html mfsa2013-51, http://www.mozilla.org/security/announce/2013/mfsa2013-53.html mfsa2013-53, http://www.mozilla.org/security/announce/2013/mfsa2013-55.html mfsa2013-55, http://www.mozilla.org/security/announce/2013/mfsa2013-56.html mfsa2013-56, and http://www.mozilla.org/security/announce/2013/mfsa2013-59.html mfsa2013-59.

The multiple vulnerabilities fixed in Firefox 21.0 and 17.0.6 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-41.html mfsa2013-41, http://www.mozilla.org/security/announce/2013/mfsa2013-42.html mfsa2013-42, http://www.mozilla.org/security/announce/2013/mfsa2013-44.html mfsa2013-44, http://www.mozilla.org/security/announce/2013/mfsa2013-45.html mfsa2013-45, http://www.mozilla.org/security/announce/2013/mfsa2013-46.html mfsa2013-46, and http://www.mozilla.org/security/announce/2013/mfsa2013-48.html mfsa2013-48.

The multiple vulnerabilities fixed in Firefox 20.0 and 17.0.5 and SeaMonkey 2.17 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-30.html mfsa2013-30, http://www.mozilla.org/security/announce/2013/mfsa2013-31.html mfsa2013-31, http://www.mozilla.org/security/announce/2013/mfsa2013-32.html mfsa2013-32, http://www.mozilla.org/security/announce/2013/mfsa2013-34.html mfsa2013-34, http://www.mozilla.org/security/announce/2013/mfsa2013-35.html mfsa2013-35, http://www.mozilla.org/security/announce/2013/mfsa2013-36.html mfsa2013-36, http://www.mozilla.org/security/announce/2013/mfsa2013-37.html mfsa2013-37, http://www.mozilla.org/security/announce/2013/mfsa2013-38.html mfsa2013-38, http://www.mozilla.org/security/announce/2013/mfsa2013-39.html mfsa2013-39, and http://www.mozilla.org/security/announce/2013/mfsa2013-40.html mfsa2013-40.

The HTML Editor Use-After-Free vulnerability was reported in http://www.mozilla.org/security/announce/2013/mfsa2013-29.html mfsa2013-29.

The multiple vulnerabilities fixed in Firefox 19.0 and 17.0.3 and SeaMonkey 2.16 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-21.html mfsa2013-21, http://www.mozilla.org/security/announce/2013/mfsa2013-22.html mfsa2013-22, http://www.mozilla.org/security/announce/2013/mfsa2013-23.html mfsa2013-23, http://www.mozilla.org/security/announce/2013/mfsa2013-24.html mfsa2013-24, http://www.mozilla.org/security/announce/2013/mfsa2013-25.html mfsa2013-25, http://www.mozilla.org/security/announce/2013/mfsa2013-26.html mfsa2013-26, http://www.mozilla.org/security/announce/2013/mfsa2013-27.html mfsa2013-27, and http://www.mozilla.org/security/announce/2013/mfsa2013-28.html mfsa2013-28.

The multiple vulnerabilities fixed in Firefox 17.0.2 and 10.0.12 and SeaMonkey 2.15 were reported in http://www.mozilla.org/security/announce/2013/mfsa2013-01.html mfsa2013-01, http://www.mozilla.org/security/announce/2013/mfsa2013-02.html mfsa2013-02, http://www.mozilla.org/security/announce/2013/mfsa2013-03.html mfsa2013-03, http://www.mozilla.org/security/announce/2013/mfsa2013-04.html mfsa2013-04, http://www.mozilla.org/security/announce/2013/mfsa2013-05.html mfsa2013-05, http://www.mozilla.org/security/announce/2013/mfsa2013-06.html mfsa2013-06, http://www.mozilla.org/security/announce/2013/mfsa2013-07.html mfsa2013-07, http://www.mozilla.org/security/announce/2013/mfsa2013-08.html mfsa2013-08, http://www.mozilla.org/security/announce/2013/mfsa2013-09.html mfsa2013-09, http://www.mozilla.org/security/announce/2013/mfsa2013-10.html mfsa2013-10, http://www.mozilla.org/security/announce/2013/mfsa2013-11.html mfsa2013-11, http://www.mozilla.org/security/announce/2013/mfsa2013-12.html mfsa2013-12, http://www.mozilla.org/security/announce/2013/mfsa2013-13.html mfsa2013-13, http://www.mozilla.org/security/announce/2013/mfsa2013-14.html mfsa2013-14, http://www.mozilla.org/security/announce/2013/mfsa2013-15.html mfsa2013-15, http://www.mozilla.org/security/announce/2013/mfsa2013-16.html mfsa2013-16, http://www.mozilla.org/security/announce/2013/mfsa2013-17.html mfsa2013-17, http://www.mozilla.org/security/announce/2013/mfsa2013-18.html mfsa2013-18, and http://www.mozilla.org/security/announce/2013/mfsa2013-19.html mfsa2013-19.

The multiple vulnerabilities fixed in Firefox 17.0 and 10.0.11 and SeaMonkey 2.14 were reported in http://www.mozilla.org/security/announce/2012/mfsa2012-91.html mfsa2012-91, http://www.mozilla.org/security/announce/2012/mfsa2012-92.html mfsa2012-92, http://www.mozilla.org/security/announce/2012/mfsa2012-93.html mfsa2012-93, http://www.mozilla.org/security/announce/2012/mfsa2012-94.html mfsa2012-94, http://www.mozilla.org/security/announce/2012/mfsa2012-95.html mfsa2012-95, http://www.mozilla.org/security/announce/2012/mfsa2012-96.html mfsa2012-96, http://www.mozilla.org/security/announce/2012/mfsa2012-97.html mfsa2012-97, http://www.mozilla.org/security/announce/2012/mfsa2012-98.html mfsa2012-98, http://www.mozilla.org/security/announce/2012/mfsa2012-99.html mfsa2012-99, http://www.mozilla.org/security/announce/2012/mfsa2012-100.html mfsa2012-100, http://www.mozilla.org/security/announce/2012/mfsa2012-102.html mfsa2012-102, http://www.mozilla.org/security/announce/2012/mfsa2012-103.html mfsa2012-103, http://www.mozilla.org/security/announce/2012/mfsa2012-104.html mfsa2012-104, http://www.mozilla.org/security/announce/2012/mfsa2012-105.html mfsa2012-105, and http://www.mozilla.org/security/announce/2012/mfsa2012-106.html mfsa2012-106.

The multiple vulnerabilities fixed in Firefox 16.0.2 and 10.0.10 and SeaMonkey 2.13.2 were reported in http://www.mozilla.org/security/announce/2012/mfsa2012-90.html mfsa2012-90, and http://secunia.com/advisories/51144/ Secunia Advisory SA51144.

The multiple vulnerabilities fixed in Firefox 16.0.1 and 10.0.9 and SeaMonkey 2.13.1 were reported in http://www.mozilla.org/security/announce/2012/mfsa2012-88.html mfsa2012-88, and http://www.mozilla.org/security/announce/2012/mfsa2012-89.html mfsa2012-89.

The multiple vulnerabilities fixed in Firefox 16 and 10.8 and SeaMonkey 2.13 were reported in http://www.mozilla.org/security/announce/2012/mfsa2012-74.html mfsa2012-74, http://www.mozilla.org/security/announce/2012/mfsa2012-75.html mfsa2012-75, http://www.mozilla.org/security/announce/2012/mfsa2012-76.html mfsa2012-76, http://www.mozilla.org/security/announce/2012/mfsa2012-77.html mfsa2012-77, http://www.mozilla.org/security/announce/2012/mfsa2012-78.html mfsa2012-78, http://www.mozilla.org/security/announce/2012/mfsa2012-79.html mfsa2012-79, http://www.mozilla.org/security/announce/2012/mfsa2012-80.html mfsa2012-80, http://www.mozilla.org/security/announce/2012/mfsa2012-81.html mfsa2012-81, http://www.mozilla.org/security/announce/2012/mfsa2012-82.html mfsa2012-82, http://www.mozilla.org/security/announce/2012/mfsa2012-83.html mfsa2012-83, http://www.mozilla.org/security/announce/2012/mfsa2012-84.html mfsa2012-84, http://www.mozilla.org/security/announce/2012/mfsa2012-85.html mfsa2012-85, http://www.mozilla.org/security/announce/2012/mfsa2012-86.html mfsa2012-86, and http://www.mozilla.org/security/announce/2012/mfsa2012-87.html mfsa2012-87.

The multiple vulnerabilities fixed in Mozilla Firefox 15 and SeaMonkey 2.12 were reported in http://www.mozilla.org/security/announce/2012/mfsa2012-57.html mfsa2012-57, http://www.mozilla.org/security/announce/2012/mfsa2012-58.html mfsa2012-58, http://www.mozilla.org/security/announce/2012/mfsa2012-59.html mfsa2012-59, http://www.mozilla.org/security/announce/2012/mfsa2012-60.html mfsa2012-60, http://www.mozilla.org/security/announce/2012/mfsa2012-61.html mfsa2012-61, http://www.mozilla.org/security/announce/2012/mfsa2012-62.html mfsa2012-62, http://www.mozilla.org/security/announce/2012/mfsa2012-63.html mfsa2012-63, http://www.mozilla.org/security/announce/2012/mfsa2012-64.html mfsa2012-64, http://www.mozilla.org/security/announce/2012/mfsa2012-65.html mfsa2012-65, http://www.mozilla.org/security/announce/2012/mfsa2012-66.html mfsa2012-66, http://www.mozilla.org/security/announce/2012/mfsa2012-67.html mfsa2012-67, http://www.mozilla.org/security/announce/2012/mfsa2012-68.html mfsa2012-68, http://www.mozilla.org/security/announce/2012/mfsa2012-69.html mfsa2012-69, http://www.mozilla.org/security/announce/2012/mfsa2012-70.html mfsa2012-70, http://www.mozilla.org/security/announce/2012/mfsa2012-71.html mfsa2012-71, and http://www.mozilla.org/security/announce/2012/mfsa2012-72.html mfsa2012-72.

Solution:

http://www.mozilla.org/download.html Upgrade to SeaMonkey 2.23 or higher, or Firefox higher than 17.0.11 for 17.x, or Firefox 24.2 or higher, or Firefox higher than 25.0.1 for 25.x, or Firefox 26, or install the latest http://www.mozilla.org/developer/#builds nightly build.

Note: In later versions of Debian, Firefox is http://en.wikipedia.org/wiki/Naming_conflict_between_Debian_and_Mozilla known as Iceweasel and SeaMonkey as Iceape.

For Cyberfox, https://8pecxstudios.com/?page_id=52 Upgrade to Cyberfox 26.0 or higher.

References:
CVSS Information:
Low Attack Complexity, Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Credit:
Saint Coorporation : 2011-02-08
New Search
Keywords
Risk Factor
Start Date
End Date
Browse