GLSA Administrator
Joined: 27 Jun 2003 Posts: 4975 Location: Gothenburg, Sweden
Posted: Fri Mar 25, 2005 1:23 pm Post subject: [ GLSA 200503-31 ] Mozilla Firefox: Multiple vulnerabilities
Gentoo Linux Security Advisory
Title: Mozilla Firefox: Multiple vulnerabilities (GLSA 200503-31)
Severity: normal
Exploitable: remote
Date: March 25, 2005
Bug(s): #86148
ID: 200503-31
Synopsis
Mozilla Firefox 1.0.2 fixes new security vulnerabilities, including the remote execution of arbitrary code through malicious GIF images or sidebars.
Background
Mozilla Firefox is the popular next-generation browser from the Mozilla project.
Affected Packages
Package: www-client/mozilla-firefox
Vulnerable: < 1.0.2
Unaffected: >= 1.0.2
Architectures: All supported architectures
Package: www-client/mozilla-firefox-bin
Vulnerable: < 1.0.2
Unaffected: >= 1.0.2
Architectures: All supported architectures
Description
The following vulnerabilities were found and fixed in Mozilla Firefox:
- Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape extension 2 (CAN-2005-0399)
- Kohei Yoshino discovered that a page bookmarked as a sidebar could bypass privileges control (CAN-2005-0402)
- Michael Krax reported a new way to bypass XUL security restrictions through drag-and-drop of items like scrollbars (CAN-2005-0401)
Impact
- The GIF heap overflow could be triggered by a malicious GIF image that would end up executing arbitrary code with the rights of the user running Firefox
- By tricking the user into bookmarking a malicious page as a Sidebar, a remote attacker could potentially execute arbitrary code with the rights of the user running the browser
- By setting up a malicious website and convincing users to obey very specific drag-and-drop instructions, attackers may leverage drag-and-drop features to bypass XUL security restrictions, which could be used as a stepping stone to exploit other vulnerabilities
Workaround
There is no known workaround at this time.
Resolution
All Mozilla Firefox users should upgrade to the latest version:
Code:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.0.2"
All Mozilla Firefox binary users should upgrade to the latest version:
Code:
    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.0.2"
References
CAN-2005-0399
CAN-2005-0401
CAN-2005-0402
Mozilla Security Advisories
Last edited by GLSA on Sun May 07, 2006 4:55 pm; edited 1 time in total
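As an added example (not part of the advisory or of Gentoo's own tooling), the check below applies the Affected Packages table of GLSA 200503-31 to a constructed list of installed package atoms and reports which ones fall in the Vulnerable range. The version comparison is a simplified Gentoo ordering (numeric components, _alpha/_beta/_pre/_rc/_p suffix, -rN revision) and the installed list is made up for illustration.

```python
import re

# GLSA 200503-31: both packages are Vulnerable: < 1.0.2, Unaffected: >= 1.0.2
GLSA_200503_31 = {
    "www-client/mozilla-firefox": "1.0.2",
    "www-client/mozilla-firefox-bin": "1.0.2",
}

# Gentoo suffix ordering: _alpha < _beta < _pre < _rc < plain release < _p
_SUFFIX_RANK = {"alpha": 0, "beta": 1, "pre": 2, "rc": 3, "": 4, "p": 5}
_VER_RE = re.compile(r"^(\d+(?:\.\d+)*)(?:_(alpha|beta|pre|rc|p)(\d*))?(?:-r(\d+))?$")

def version_key(ver):
    """Sort key for a Gentoo version string (simplified: no letter suffixes,
    no leading-zero component rules from the full PMS algorithm)."""
    m = _VER_RE.match(ver)
    if not m:
        raise ValueError(f"unsupported version string: {ver!r}")
    nums, suffix, suffix_n, rev = m.groups()
    return (tuple(int(x) for x in nums.split(".")),
            _SUFFIX_RANK[suffix or ""], int(suffix_n or 0), int(rev or 0))

def split_cpv(cpv):
    """Split 'cat/name-1.0.1-r1' into ('cat/name', '1.0.1-r1').
    The version starts at the first '-' that is followed by a digit."""
    cat, _, pvr = cpv.partition("/")
    m = re.search(r"-(\d[^-]*(?:-r\d+)?)$", pvr)
    if not m:
        raise ValueError(f"no version in {cpv!r}")
    return f"{cat}/{pvr[:m.start()]}", m.group(1)

def affected(installed):
    """Return the installed atoms whose version is below the fixed version
    listed for that package in the advisory."""
    hits = []
    for cpv in installed:
        pkg, ver = split_cpv(cpv)
        fixed = GLSA_200503_31.get(pkg)
        if fixed is not None and version_key(ver) < version_key(fixed):
            hits.append(cpv)
    return hits

# Constructed sample of installed packages, not taken from a real host.
SAMPLE_INSTALLED = [
    "www-client/mozilla-firefox-1.0.1",        # vulnerable
    "www-client/mozilla-firefox-bin-1.0.2",    # exactly the fixed version
    "www-client/mozilla-firefox-1.0.2-r1",     # revision above the fix
    "www-client/mozilla-1.7.5",                # not covered by this GLSA
]

if __name__ == "__main__":
    for cpv in affected(SAMPLE_INSTALLED):
        print("vulnerable per GLSA 200503-31:", cpv)
```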