Security Advisories for Mozilla Suite

Impact key

• Critical Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
• High Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
• Moderate Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.
• Low Minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs. (Undetectable spoofs of SSL indicia would have "High" impact because those are generally used to steal sensitive data intended for other sites.)

# Fixed in Mozilla Suite 1.7.13

• 2006-27 Table Rebuilding Code Execution Vulnerability
• 2006-25 Privilege escalation through Print Preview
• 2006-24 Privilege escalation using crypto.generateCRMFRequest
• 2006-23 File stealing by changing input type
• 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
• 2006-21 JavaScript execution in mail when forwarding in-line
• 2006-19 Cross-site scripting using .valueOf.call()
• 2006-18 Mozilla Firefox Tag Order Vulnerability
• 2006-17 cross-site scripting through window.controllers
• 2006-16 Accessing XBL compilation scope via valueOf.call()
• 2006-15 Privilege escalation using a JavaScript function's cloned parent
• 2006-14 Privilege escalation via XBL.method.eval
• 2006-13 Downloading executables with "Save Image As..."
• 2006-12 Secure-site spoof (requires security warning dialog)
• 2006-11 Crashes with evidence of memory corruption (rv:1.8)
• 2006-10 JavaScript garbage-collection hazard audit
• 2006-09 Cross-site JavaScript injection using event handlers
• 2006-05 Localstore.rdf XML injection through XULDocument.persist()
• 2006-03 Long document title causes startup denial of service
• 2006-01 JavaScript garbage-collection hazards

# Fixed in Mozilla Suite 1.7.12

• 2005-59 Command-line handling on Linux allows shell execution
• 2005-58 Firefox 1.0.7 / Mozilla Suite 1.7.12 Vulnerability Fixes
• 2005-57 IDN heap overrun using soft-hyphens

# Fixed in Mozilla Suite 1.7.10

• 2005-56 Code execution through shared function objects
• 2005-55 XHTML node spoofing
• 2005-54 Javascript prompt origin spoofing
• 2005-52 Same origin violation: frame calling top.focus()
• 2005-51 The return of frame-injection spoofing
• 2005-50 Exploitable crash in InstallVersion.compareTo
• 2005-48 Same-origin violation with InstallTrigger callback
• 2005-46 XBL scripts ran even when Javascript disabled
• 2005-45 Content-generated event vulnerabilities

# Fixed in Mozilla Suite 1.7.8

• 2005-44 Privilege escalation via non-DOM property overrides
• 2005-43 "Wrapped" javascript: urls bypass security checks
• 2005-42 Code execution via javascript: IconURL

# Fixed in Mozilla Suite 1.7.7

• 2005-41 Privilege escalation via DOM property overrides
• 2005-40 Missing Install object instance checks
• 2005-38 Search plugin cross-site scripting
• 2005-37 Code execution through javascript: favicons
• 2005-36 Cross-site Scripting through global scope pollution
• 2005-35 Showing blocked javascript: popup uses wrong privilege context
• 2005-33 Javascript "lambda" replace exposes memory contents
• 2005-32 Drag and drop loading of privileged XUL

# Fixed in Mozilla Suite 1.7.6

• 2005-30 GIF heap overflow parsing Netscape extension 2
• 2005-29 Internationalized Domain Name (IDN) homograph spoofing
• 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
• 2005-27 Plugins can be used to load privileged content
• 2005-26 Cross-site scripting by dropping javascript: link on tab
• 2005-25 Image drag and drop executable spoofing
• 2005-24 HTTP auth prompt tab spoofing
• 2005-23 Download dialog source spoofing
• 2005-21 Overwrite arbitrary files downloading .lnk twice
• 2005-20 XSLT can include stylesheets from arbitrary hosts
• 2005-18 Memory overwrite in string library
• 2005-17 Install source spoofing with user:pass@host
• 2005-16 Spoofing download and security dialogs with overlapping windows
• 2005-15 Heap overflow possible in UTF8 to Unicode conversion
• 2005-14 SSL "secure site" indicator spoofing
• 2005-13 Window Injection Spoofing

# Fixed in Mozilla Suite 1.7.5

• 2005-22 Download dialog spoofing using Content-Disposition header
• 2005-11 Mail responds to cookie requests
• 2005-09 Browser responds to proxy auth request from non-proxy server (ssl/https)
• 2005-08 Synthetic middle-click event can steal clipboard contents
• 2005-06 Heap overrun handling malicious news: URL
• 2005-05 Input stealing from other tabs
• 2005-04 Secure site lock can be spoofed with view-source:
• 2005-03 Secure site lock can be spoofed with a binary download
• 2005-02 Opened attachments are temporarily saved world-readable
• 2005-01 Link opened in new tab can load a local file