Численні уразливості в Mozilla Firefox, Thunderbird, Seamonkey

22:46 26.08.2015

Виявлені численні уразливості безпеки в Mozilla Firefox, Thunderbird, Seamonkey.

Уразливі продукти: Mozilla Firefox ESR 31.8, Firefox 38, Firefox 39, Thunderbird 38.1, SeaMonkey 2.36.

Обхід обмежень, пошкодження пам’яті.

  • MFSA 2015-78 Same origin violation and local file stealing via PDF reader (деталі)
  • MFSA 2015-79 Miscellaneous memory safety hazards (rv:40.0 / rv:38.2) (деталі)
  • MFSA 2015-80 Out-of-bounds read with malformed MP3 file (деталі)
  • MFSA 2015-81 Use-after-free in MediaStream playback (деталі)
  • MFSA 2015-82 Redefinition of non-configurable JavaScript object properties (деталі)
  • MFSA 2015-83 Overflow issues in libstagefright (деталі)
  • MFSA 2015-84 Arbitrary file overwriting throughMozilla Maintenance Service with hard links (деталі)
  • MFSA 2015-85 Out-of-bounds write with Updater and malicious MAR file (деталі)
  • MFSA 2015-86 Feed protocol with POST bypasses mixed content protections (деталі)
  • MFSA 2015-87 Crash when using shared memory in JavaScript (деталі)
  • MFSA 2015-88 Heap overflow in gdk-pixbuf when scaling bitmap images (деталі)
  • MFSA 2015-89 Buffer overflows on Libvpx when decoding WebM video (деталі)
  • MFSA 2015-90 Vulnerabilities found through code inspection (деталі)
  • MFSA 2015-91Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification (деталі)
  • MFSA 2015-92 Use-after-free in XMLHttpRequest with shared workers (деталі)
  • MFSA 2015-93 Integer overflows in libstagefright while processing MP4 video metadata (деталі)

Leave a Reply

You must be logged in to post a comment.