CVE-2009-1302 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1302): The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1) nsAsyncInstantiateEvent::Run, (2) nsStyleContext::Destroy, (3) nsComputedDOMStyle::GetWidth, (4) the xslt_attributeset_ImportSameName.html test case for the XSLT stylesheet compiler, (5) nsXULDocument::SynchronizeBroadcastListener, (6) IsBindingAncestor, (7) PL_DHashTableOperate and nsEditor::EndUpdateViewBatch, and (8) gfxSkipCharsIterator::SetOffsets, and other vectors.
CVE-2009-1303 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1303): The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree. CVE-2009-1304 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1304): The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving (1) js_FindPropertyHelper, related to the definitions of Math and Date; and (2) js_CheckRedeclaration. CVE-2009-1305 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1305): The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP_DEFVAR and properties that lack the JSPROP_PERMANENT attribute. CVE-2009-1306 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1306): The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation. CVE-2009-1307 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1307): The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI. CVE-2009-1308 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1308): Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in the wild by a March 2009 eBay listing. CVE-2009-1309 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1309): Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ scope, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document. CVE-2009-1310 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1310): Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element. CVE-2009-1311 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1311): Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODE_FILEONLY save of the inner frame. CVE-2009-1312 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1312): Mozilla Firefox before 3.0.9 and SeaMonkey do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header.
net-libs/xulrunner-1.9.0.10, www-client/mozilla-firefox[-bin]-3.0.10 are in the tree. There are no thunderbird release planned, and not sure about seamonkey. So let's go ahead meanwhile. net-libs/xulrunner-1.9.0.10: Arches: alpha arm amd64 hppa ia64 ppc ppc64 sparc x86 www-client/mozilla-firefox-3.0.10: Arches: alpha arm amd64 hppa ia64 ppc ppc64 sparc x86 www-client/mozilla-firefox-bin-3.0.10: Arches: amd64 x86
x86 stable
ppc64 done
ppc done
Stable for HPPA: =dev-libs/nspr-4.7.4 =net-libs/xulrunner-1.9.0.10 =www-client/mozilla-firefox-3.0.10
alpha/arm/ia64/sparc stable
amd64 stable, all arches done.
CVE-2009-1313 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1313): The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2009-1302.
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).