Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 200504-18 ] Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Moderator
Moderator


Joined: 13 Jun 2003
Posts: 4087
Location: Dresden, Germany

PostPosted: Tue Apr 19, 2005 12:36 pm    Post subject: [ GLSA 200504-18 ] Mozilla Firefox, Mozilla Suite: Multiple Reply with quote

Gentoo Linux Security Advisory

Title: Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities (GLSA 200504-18)
Severity: normal
Exploitable: remote
Date: April 19, 2005
Updated: May 22, 2006
Bug(s): #89303, #89305
ID: 200504-18

Synopsis


New Mozilla Firefox and Mozilla Suite releases fix new security
vulnerabilities, including memory disclosure and various ways of executing
JavaScript code with elevated privileges.


Background


The Mozilla Suite is a popular all-in-one web browser that includes a
mail and news reader. Mozilla Firefox is the next-generation browser
from the Mozilla project.


Affected Packages

Package: www-client/mozilla-firefox
Vulnerable: < 1.0.3
Unaffected: >= 1.0.3
Architectures: All supported architectures

Package: www-client/mozilla-firefox-bin
Vulnerable: < 1.0.3
Unaffected: >= 1.0.3
Architectures: All supported architectures

Package: www-client/mozilla
Vulnerable: < 1.7.7
Unaffected: >= 1.7.7
Architectures: All supported architectures

Package: www-client/mozilla-bin
Vulnerable: < 1.7.7
Unaffected: >= 1.7.7
Architectures: All supported architectures


Description


The following vulnerabilities were found and fixed in the Mozilla Suite
and Mozilla Firefox:
  • Vladimir V. Perepelitsa reported a memory disclosure bug in
    JavaScript's regular expression string replacement when using an
    anonymous function as the replacement argument (CAN-2005-0989).
  • moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM
    nodes from the content window, allowing privilege escalation via DOM
    property overrides.
  • Michael Krax reported a possibility to run JavaScript code with
    elevated privileges through the use of javascript: favicons.
  • Michael Krax also discovered that malicious Search plugins could
    run JavaScript in the context of the displayed page or stealthily
    replace existing search plugins.
  • shutdown discovered a technique to pollute the global scope of a
    window in a way that persists from page to page.
  • Doron Rosenberg discovered a possibility to run JavaScript with
    elevated privileges when the user asks to "Show" a blocked popup that
    contains a JavaScript URL.
  • Finally, Georgi Guninski reported missing Install object instance
    checks in the native implementations of XPInstall-related JavaScript
    objects.

The following Firefox-specific vulnerabilities have also been
discovered:
  • Kohei Yoshino discovered a new way to abuse the sidebar panel to
    execute JavaScript with elevated privileges.
  • Omar Khan reported that the Plugin Finder Service can be tricked to
    open javascript: URLs with elevated privileges.


Impact


The various JavaScript execution with elevated privileges issues can be
exploited by a remote attacker to install malicious code or steal data.
The memory disclosure issue can be used to reveal potentially sensitive
information. Finally, the cache pollution issue and search plugin abuse
can be leveraged in cross-site-scripting attacks.


Workaround


There is no known workaround at this time.


Resolution


All Mozilla Firefox users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.0.3"

All Mozilla Firefox binary users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.0.3"

All Mozilla Suite users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-1.7.7"

All Mozilla Suite binary users should upgrade to the latest version:
Code:
# emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-bin-1.7.7"


References

Mozilla Security Advisories
CAN-2005-0989
CVE-2005-1153
CVE-2005-1154
CVE-2005-1155
CVE-2005-1156
CVE-2005-1159
CVE-2005-1160


Last edited by GLSA on Wed Dec 21, 2011 4:19 am; edited 4 times in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum