[PCWorks] Mozilla Firefox / Thunderbird Multiple Vulnerabilities
- From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
- To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
- Date: Wed, 1 Feb 2012 23:10:48 -0600
TITLE:
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
Criticality level: Highly critical
Impact: Security Bypass, Exposure of sensitive information,
System access
Where: From remote
Software:
Mozilla Firefox 9.x
Mozilla Thunderbird 9.x
SECUNIA ADVISORY ID:
http://secunia.com/advisories/47816/
DESCRIPTION:
A security issue and multiple vulnerabilities have been
reported in
Mozilla Firefox and Thunderbird, which can be exploited by
malicious,
local users to disclose certain sensitive information and by
malicious
people to bypass certain security restrictions, disclose
certain
sensitive information, and compromise a user's system.
1) Some unspecified errors can be exploited to corrupt memory.
No
further information is currently available.
2) An error when handling a sub-frame can be exploited to
bypass the
frame navigation policy and e.g. expose an "<iframe>" element
via the
name attribute.
3) A use-after-free error within the "AttributeChildRemoved()"
method
when removing child nodes from the "nsDOMAttribute" node can be
exploited to execute arbitrary code.
4) An error within the implementation of XPConnect security
checks
when calling untrusted objects can be exploited to e.g. conduct
cross-site scripting attacks.
5) An error within the "mImageBufferSize()" method when
encoding
images as "image/vnd.microsoft.icon" can be exploited to
disclose
certain sensitive data within the resulting image.
6) An unspecified error when decoding Ogg Vorbis files can be
exploited to corrupt memory and execute arbitrary code.
7) An error within the handling of embedded XSLT stylesheets
can be
exploited to corrupt memory and execute arbitrary code.
8) The security issue is caused due to the "Firefox Recovery
Key.html" file being saved with insecure file permissions when
exporting the Firefox Sync key and can be exploited to read the
contents of the file.
This security issue only affects Firefox on Linux and OS X
systems.
SOLUTION:
Upgrade to Firefox version 10.0 or Thunderbird version 10.0.
ORIGINAL ADVISORY:
Mozilla:
http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
http://www.mozilla.org/security/announce/2012/mfsa2012-03.html
http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
http://www.mozilla.org/security/announce/2012/mfsa2012-05.html
http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
http://www.mozilla.org/security/announce/2012/mfsa2012-09.html
=========================
The list's FAQ's can be seen by sending an email to
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.
To unsubscribe, subscribe, set Digest or Vacation to on or off, go to
//www.freelists.org/list/pcworks . You can also send an email to
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line. Your
member list settings can be found at
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks . Once logged in, you have
access to numerous other email options.
The list archives are located at //www.freelists.org/archives/pcworks/ .
All email posted to the list will be placed there in the event anyone needs to
look for previous posts.
-zxdjhu-
Other related posts:
