[6907] | 1 | <date> |
---|
| 2 | 2012,10,10 |
---|
| 3 | |
---|
| 4 | <title> |
---|
| 5 | firefox にセキュリティホール |
---|
| 6 | |
---|
| 7 | <target> |
---|
| 8 | 6.1/i386, 6.1/x86_64 |
---|
| 9 | |
---|
| 10 | <url> |
---|
| 11 | http://www.mozilla-japan.org/security/known-vulnerabilities/firefox.html |
---|
| 12 | http://www.mozilla.org/en-US/firefox/16.0/releasenotes/ |
---|
| 13 | |
---|
| 14 | <info> |
---|
| 15 | firefox に複数の脆弱性が発見されました。 |
---|
[7253] | 16 | <dl> |
---|
| 17 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-87.html" class="critical">MFSA 2012-87</a><dt> |
---|
| 18 | <dd>Use-after-free in the IME State Manager</dd> |
---|
| 19 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-86.html" class="critical">MFSA 2012-86</a><dt> |
---|
| 20 | <dd>Heap memory corruption issues found using Address Sanitizer</dd> |
---|
| 21 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-85.html" class="critical">MFSA 2012-85</a><dt> |
---|
| 22 | <dd>Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer</dd> |
---|
| 23 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-84.html" class="high">MFSA 2012-84</a><dt> |
---|
| 24 | <dd>Spoofing and script injection through location.hash</dd> |
---|
| 25 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-83.html" class="critical">MFSA 2012-83</a><dt> |
---|
| 26 | <dd>Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties</dd> |
---|
| 27 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-82.html" class="high">MFSA 2012-82</a><dt> |
---|
| 28 | <dd>top object and location property accessible by plugins</dd> |
---|
| 29 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-81.html" class="critical">MFSA 2012-81</a><dt> |
---|
| 30 | <dd>GetProperty function can bypass security checks</dd> |
---|
| 31 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-80.html" class="critical">MFSA 2012-80</a><dt> |
---|
| 32 | <dd>Crash with invalid cast when using instanceof operator</dd> |
---|
| 33 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-79.html" class="critical">MFSA 2012-79</a><dt> |
---|
| 34 | <dd>DOS and crash with full screen and history navigation</dd> |
---|
| 35 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-78.html" class="critical">MFSA 2012-78</a><dt> |
---|
| 36 | <dd>Reader Mode pages have chrome privileges</dd> |
---|
| 37 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-77.html" class="critical">MFSA 2012-77</a><dt> |
---|
| 38 | <dd>Some DOMWindowUtils methods bypass security checks</dd> |
---|
| 39 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-76.html" class="high">MFSA 2012-76</a><dt> |
---|
| 40 | <dd>Continued access to initial origin after setting document.domain</dd> |
---|
| 41 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-75.html" class="critical">MFSA 2012-75</a><dt> |
---|
| 42 | <dd>select element persistance allows for attacks</dd> |
---|
| 43 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-74.html" class="critical">MFSA 2012-74</a><dt> |
---|
| 44 | <dd>Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)</dd> |
---|
| 45 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-72.html" class="high">MFSA 2012-72</a><dt> |
---|
| 46 | <dd>Web console eval capable of executing chrome-privileged code</dd> |
---|
| 47 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-71.html" class="high">MFSA 2012-71</a><dt> |
---|
| 48 | <dd>Insecure use of __android_log_print</dd> |
---|
| 49 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-70.html" class="high">MFSA 2012-70</a><dt> |
---|
| 50 | <dd>Location object security checks bypassed by chrome code</dd> |
---|
| 51 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-69.html" class="high">MFSA 2012-69</a><dt> |
---|
| 52 | <dd>Incorrect site SSL certificate data display</dd> |
---|
| 53 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-68.html" class="moderate">MFSA 2012-68</a><dt> |
---|
| 54 | <dd>DOMParser loads linked resources in extensions when parsing text/html</dd> |
---|
| 55 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-67.html" class="moderate">MFSA 2012-67</a><dt> |
---|
| 56 | <dd>Installer will launch incorrect executable following new installation</dd> |
---|
| 57 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-66.html" class="critical">MFSA 2012-66</a><dt> |
---|
| 58 | <dd>HTTPMonitor extension allows for remote debugging without explicit activation</dd> |
---|
| 59 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-65.html" class="moderate">MFSA 2012-65</a><dt> |
---|
| 60 | <dd>Out-of-bounds read in format-number in XSLT</dd> |
---|
| 61 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-64.html" class="high">MFSA 2012-64</a><dt> |
---|
| 62 | <dd>Graphite 2 memory corruption</dd> |
---|
| 63 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-63.html" class="critical">MFSA 2012-63</a><dt> |
---|
| 64 | <dd>SVG buffer overflow and use-after-free issues</dd> |
---|
| 65 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-62.html" class="critical">MFSA 2012-62</a><dt> |
---|
| 66 | <dd>WebGL use-after-free and memory corruption</dd> |
---|
| 67 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-61.html" class="critical">MFSA 2012-61</a><dt> |
---|
| 68 | <dd>Memory corruption with bitmap format images with negative height</dd> |
---|
| 69 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-60.html" class="critical">MFSA 2012-60</a><dt> |
---|
| 70 | <dd>Escalation of privilege through about:newtab</dd> |
---|
| 71 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-59.html" class="high">MFSA 2012-59</a><dt> |
---|
| 72 | <dd>Location object can be shadowed using Object.defineProperty</dd> |
---|
| 73 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-58.html" class="critical">MFSA 2012-58</a><dt> |
---|
| 74 | <dd>Use-after-free issues found using Address Sanitizer</dd> |
---|
| 75 | <dt><a href="https://www.mozilla.org/security/announce/2012/mfsa2012-57.html" class="critical">MFSA 2012-57</a><dt> |
---|
| 76 | <dd>Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)</dd> |
---|
| 77 | </dl> |
---|
[6909] | 78 | <br/> |
---|
[6907] | 79 | この更新により、firefox-16.0 にアップデートされます。<br/> |
---|
| 80 | また、一部ページによってクラッシュを起こしやすい場合がありましたが、その修正も含まれています。 |
---|
| 81 | |
---|
| 82 | <directory> |
---|
| 83 | Vine-6.1/updates/RPMS/i386 |
---|
| 84 | Vine-6.1/updates/RPMS/x86_64 |
---|
| 85 | |
---|
| 86 | <update> |
---|
| 87 | [ size ] [ SHA1 checksum ] [ file name ] |
---|
| 88 | 89398766 7678bde563ba7ff38401ab01ea33131515ce104e firefox-16.0-1vl6.src.rpm |
---|
| 89 | 21028370 1033255566ebf5e65ad62788dc39a78619cacb4e firefox-16.0-1vl6.i686.rpm |
---|
| 90 | 20703431 1b32d243db8e6ee721062ed1fe5ce7e4f79fb995 firefox-16.0-1vl6.x86_64.rpm |
---|