Vulnerability Bulletins

int(6205)

Vulnerability Bulletins

Publicación de Mozilla Firefox y Thunderbird 11
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Avanzado
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	Exotic Software
Affected software	Firefox Thunderbird SeaMonkey
Description
Mozilla ha publicado una actualización de alta prioridad que soluciona múltiples vulnerabilidades que exponen a los usuarios de Windows y Mac OS X a un amplio número de ataques. A continuación se muestra la lista de vulnerabilidades solucionadas en esta actualización: MFSA 2012-19 MFSA 2012-18 MFSA 2012-17 MFSA 2012-16 MFSA 2012-15 MFSA 2012-14 MFSA 2012-13 MFSA 2012-12
Solution
Actualizar a la versión 11 mediante la utilidad de actualización incorporada en la aplicación.
Standar resources
Property	Value
CVE	CVE-2012-0461 CVE-2012-0462 CVE-2012-0464 CVE-2012-0463 CVE-2012-0460 CVE-2012-0459 CVE-2012-0451 CVE-2012-0457 CVE-2012-0456 CVE-2012-0455 CVE-2012-0454
BID
Other resources
Security Advisories for Firefox https://www.mozilla.org/security/known-vulnerabilities/firefox.html Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28) MFSA 2012-19 https://www.mozilla.org/security/announce/2012/mfsa2012-19.html window.fullScreen writeable by untrusted content MFSA 2012-18 https://www.mozilla.org/security/announce/2012/mfsa2012-18.html Crash when accessing keyframe cssText after dynamic modification MFSA 2012-17 https://www.mozilla.org/security/announce/2012/mfsa2012-17.html Escalation of privilege with Javascript: URL as home page MFSA 2012-16 https://www.mozilla.org/security/announce/2012/mfsa2012-16.html XSS with multiple Content Security Policy headers MFSA 2012-15 https://www.mozilla.org/security/announce/2012/mfsa2012-15.html SVG issues found with Address Sanitizer MFSA 2012-14 https://www.mozilla.org/security/announce/2012/mfsa2012-14.html XSS with Drag and Drop and Javascript: URL MFSA 2012-13 https://www.mozilla.org/security/announce/2012/mfsa2012-13.html Use-after-free in shlwapi.dll MFSA 2012-12 https://www.mozilla.org/security/announce/2012/mfsa2012-12.html

Version history
Version	Comments	Date
1.0	Aviso emitido	2012-03-14

Vulnerability Bulletins

Publicación de Mozilla Firefox y Thunderbird 11

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history