Red Hat Security Advisory: firefox security and bug fix update
🔗 CVE IDs covered (20)
📋 Description
CVE-2012-1956 — Mozilla: Location object can be shadowed using Object.defineProperty (MFSA 2012-59) CVE-2012-3982 — Mozilla: Miscellaneous memory safety hazards (rv:10.0.8) (MFSA 2012-74) CVE-2012-3986 — Mozilla: Some DOMWindowUtils methods bypass security checks (MFSA 2012-77) CVE-2012-3988 — Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79) CVE-2012-3990 — Mozilla: Use-after-free in the IME State Manager (MFSA 2012-87) CVE-2012-3991 — Mozilla: GetProperty function can bypass security checks (MFSA 2012-81) CVE-2012-3992 — Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84) CVE-2012-3993 — Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83) CVE-2012-3994 — Mozilla: top object and location property accessible by plugins (MFSA 2012-82) CVE-2012-3995 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4179 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4180 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4181 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4182 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4183 — Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85) CVE-2012-4184 — Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83) CVE-2012-4185 — Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86) CVE-2012-4186 — Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86) CVE-2012-4187 — Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86) CVE-2012-4188 — Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)
🔗 References (15)
- selfhttps://access.redhat.com/errata/RHSA-2012:1350
- externalhttps://access.redhat.com/security/updates/classification/#critical
- externalhttp://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=851912
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863614
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863618
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863619
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863621
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863622
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863623
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863624
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863625
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863626
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=863628
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1350.json