[PCWorks] Firefox 3 Multiple Vulnerabilities

  • From: "Clint Hamilton-PCWorks Admin" <PCWorks@xxxxxxxxxxxxxxxxxxxxxxxx>
  • To: "PCWorks@xxxxxxxxxxxxx" <pcworks@xxxxxxxxxxxxx>
  • Date: Fri, 14 Nov 2008 06:35:46 -0600

TITLE:
Mozilla Firefox 3 Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA32713

VERIFY ADVISORY:
http://secunia.com/advisories/32713/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Exposure of system information, Exposure of sensitive information, System access

WHERE:
From remote

SOFTWARE:
Mozilla Firefox 3.x
http://secunia.com/advisories/product/19089/

DESCRIPTION:
Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system.

1) An error when processing "file:" URIs can be exploited to execute arbitrary JavaScript code with chrome privileges by tricking a user into opening a malicious local file in a tab previously opened for a "chrome:" document or a privileged "about:" URI.

2) Various errors in the layout engine can be exploited to cause memory corruptions and potentially execute arbitrary code.

3) An error in the browser engine can be exploited to cause a crash.

For more information see vulnerability #5 in:
SA32693

4) An error in the JavaScript engine can be exploited to cause a memory corruption and potentially execute arbitrary code.

5) An error in the browser's restore feature can be exploited to violate the same-origin policy.

For more information see vulnerability #7 in:
SA32693

6) An error in the processing of the "http-index-format" MIME type can be exploited to execute arbitrary code.

For more information see vulnerability #8 in:
SA32693

7) An error in the DOM constructing code can be exploited to dereference uninitialized memory and potentially execute arbitrary code.

For more information see vulnerability #9 in:
SA32693

8) An error in "nsXMLHttpRequest::NotifyEventListeners()" can be exploited to bypass certain security restrictions.

For more information see vulnerability #10 in:
SA32693

9) An error can be exploited to manipulate signed JAR files and execute arbitrary JavaScript code in the context of another site.

For more information see vulnerability #11 in:
SA32693

10) An error when parsing E4X documents can be exploited to inject arbitrary XML code.

For more information see vulnerability #12 in:
SA32693

The vulnerabilities are reported in versions prior to 3.0.4.

SOLUTION:
Update to version 3.0.4.
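As an added example (not part of the Secunia advisory or of the original post), a small Python check that flags clients still running a Firefox 3.x build older than the fixed 3.0.4 by reading the Firefox version token from web-server access logs; the log lines are constructed and the function names are assumptions.

```python
import re
from typing import List, Tuple

# Threshold taken from the advisory: Firefox 3.x releases prior to 3.0.4 are affected.
FIXED_VERSION = (3, 0, 4)

# Matches the version token in a Gecko user-agent string, e.g. "Firefox/3.0.3".
FIREFOX_UA = re.compile(r"Firefox/(\d+(?:\.\d+)*)")


def parse_version(text: str) -> Tuple[int, ...]:
    """'3.0.3' -> (3, 0, 3). Comparing tuples of ints avoids the classic
    string-comparison pitfall where '3.0.10' sorts before '3.0.4'."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (3 - len(parts))  # pad so "3.1" compares as (3, 1, 0)


def is_affected(version: str) -> bool:
    """True only for Firefox 3.x builds older than 3.0.4, the range this
    advisory covers; other major versions are not judged here."""
    v = parse_version(version)
    return v[0] == 3 and v < FIXED_VERSION


def find_unpatched_clients(log_lines: List[str]) -> List[Tuple[str, str]]:
    """Return (client_ip, version) for each request made by an affected build."""
    hits = []
    for line in log_lines:
        m = FIREFOX_UA.search(line)
        if not m:
            continue  # not a Firefox user agent, nothing to judge
        version = m.group(1)
        if is_affected(version):
            hits.append((line.split(" ", 1)[0], version))  # first field is the client IP
    return hits


# Constructed sample access-log lines (hypothetical, not taken from the post).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Nov/2008:06:35:46 -0600] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.9.0.3) Gecko/20080914 Firefox/3.0.3"',
    '192.0.2.11 - - [14/Nov/2008:06:36:01 -0600] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (X11; U; Linux i686; rv:1.9.0.4) Gecko/20081113 Firefox/3.0.4"',
    '192.0.2.12 - - [14/Nov/2008:06:36:12 -0600] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows; U; Windows NT 6.0; rv:1.9.0.10) Gecko/20090401 Firefox/3.0.10"',
    '192.0.2.13 - - [14/Nov/2008:06:36:30 -0600] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Macintosh; U; Intel Mac OS X; rv:1.8.1.18) Gecko/20081031 Firefox/2.0.0.18"',
]

if __name__ == "__main__":
    for ip, ver in find_unpatched_clients(SAMPLE_LOG):
        print(f"{ip} is running Firefox {ver}, older than the fixed 3.0.4")
```

Only the 3.0.3 client is reported; 3.0.10 is correctly treated as newer than 3.0.4, and the 2.x client falls outside the range this advisory describes.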

ORIGINAL ADVISORY:
http://www.mozilla.org/security/announce/2008/mfsa2008-51.html
http://www.mozilla.org/security/announce/2008/mfsa2008-52.html
http://www.mozilla.org/security/announce/2008/mfsa2008-53.html
http://www.mozilla.org/security/announce/2008/mfsa2008-54.html
http://www.mozilla.org/security/announce/2008/mfsa2008-55.html
http://www.mozilla.org/security/announce/2008/mfsa2008-56.html
http://www.mozilla.org/security/announce/2008/mfsa2008-57.html
http://www.mozilla.org/security/announce/2008/mfsa2008-58.html

OTHER REFERENCES:
SA32693:
http://secunia.com/advisories/32693/

=========================
The list's FAQ's can be seen by sending an email to 
PCWorks-request@xxxxxxxxxxxxx with FAQ in the subject line.

To unsubscribe, subscribe, set Digest or Vacation to on or off, go to 
//www.freelists.org/list/pcworks .  You can also send an email to 
PCWorks-request@xxxxxxxxxxxxx with Unsubscribe in the subject line.  Your 
member list settings can be found at 
//www.freelists.org/cgi-bin/lsg2.cgi/l=pcworks .  Once logged in, you have 
access to numerous other email options.  

The list archives are located at //www.freelists.org/archives/pcworks/ .  
All email posted to the list will be placed there in the event anyone needs to 
look for previous posts.