Debian: New Mozilla Firefox packages fix several vulnerabilities

    Date: 26 Apr 2006
    Category: Debian
    Posted By: LinuxSecurity Advisories
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1044-1                    security@debian.org
    http://www.debian.org/security/                             Martin Schulze
    April 26th, 2006                        http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : mozilla-firefox
    Vulnerability  : several
    Problem type   : remote
    Debian-specific: no
    CVE IDs        : CVE-2006-0293 CVE-2006-0292 CVE-2005-4134 CVE-2006-0296 CVE-2006-1741
                     CVE-2006-1742 CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1790
                     CVE-2006-1740 CVE-2006-1736 CVE-2006-1735 CVE-2006-1734 CVE-2006-1733
                     CVE-2006-1732 CVE-2006-0749 CVE-2006-1731 CVE-2006-1730 CVE-2006-1729
                     CVE-2006-1728 CVE-2006-1727 CVE-2006-0748
    CERT advisories: VU#179014 VU#252324 VU#329500 VU#488774 VU#492382 VU#592425 VU#736934
                     VU#813230 VU#842094 VU#932734 VU#935556
    BugTraq IDs    : 15773 16476 17516
    Debian Bugs    : 363935 362656
    
    
    
    Several security related problems have been discovered in Mozilla
    Firefox.  The Common Vulnerabilities and Exposures project identifies
    the following vulnerabilities:
    
    CVE-2005-4134
    
        Web pages with extremely long titles cause subsequent launches of
        the browser to appear to "hang" for up to a few minutes, or even
        crash if the computer has insufficient memory.  [MFSA-2006-03]
    
    CVE-2006-0292
    
        The Javascript interpreter does not properly dereference objects,
        which allows remote attackers to cause a denial of service or
        execute arbitrary code.  [MFSA-2006-01]
    
    CVE-2006-0293
    
        The function allocation code allows attackers to cause a denial of
        service and possibly execute arbitrary code.  [MFSA-2006-01]
    
    CVE-2006-0296
    
        XULDocument.persist() did not validate the attribute name,
        allowing an attacker to inject arbitrary XML and JavaScript code
        into localstore.rdf that would be read and acted upon during
        startup.  [MFSA-2006-05]
    
    CVE-2006-0748
    
        An anonymous researcher for TippingPoint and the Zero Day
        Initiative reported that an invalid and nonsensical ordering of
        table-related tags can be exploited to execute arbitrary code.
        [MFSA-2006-27]
    
    CVE-2006-0749
    
        A particular sequence of HTML tags can cause memory corruption
        that can be exploited to execute arbitrary code.  [MFSA-2006-18]
    
    CVE-2006-1727
    
        Georgi Guninski reported two variants of using scripts in an XBL
        control to gain chrome privileges when the page is viewed under
        "Print Preview".  [MFSA-2006-25]
    
    CVE-2006-1728
    
        "shutdown" discovered that the crypto.generateCRMFRequest method
        can be used to run arbitrary code with the privilege of the user
        running the browser, which could enable an attacker to install
        malware.  [MFSA-2006-24]
    
    CVE-2006-1729
    
        Claus Jørgensen reported that a text input box can be pre-filled
        with a filename and then turned into a file-upload control,
        allowing a malicious website to steal any local file whose name
        they can guess.  [MFSA-2006-23]
    
    CVE-2006-1730
    
        An anonymous researcher for TippingPoint and the Zero Day
        Initiative discovered an integer overflow triggered by the CSS
        letter-spacing property, which could be exploited to execute
        arbitrary code.  [MFSA-2006-22]
    
    CVE-2006-1731
    
        "moz_bug_r_a4" discovered that some internal functions return
        prototypes instead of objects, which allows remote attackers to
        conduct cross-site scripting attacks.  [MFSA-2006-19]
    
    CVE-2006-1732
    
        "shutdown" discovered that it is possible to bypass same-origin
        protections, allowing a malicious site to inject script into
        content from another site, which could allow the malicious page to
        steal information such as cookies or passwords from the other
        site, or perform transactions on the user's behalf if the user
        were already logged in.  [MFSA-2006-17]
    
    CVE-2006-1733
    
        "moz_bug_r_a4" discovered that the compilation scope of privileged
        built-in XBL bindings is not fully protected from web content and
        can still be executed, which could be used to run arbitrary
        JavaScript; this could allow an attacker to install malware such
        as viruses and password sniffers.  [MFSA-2006-16]
    
    CVE-2006-1734
    
        "shutdown" discovered that it is possible to access an internal
        function object which could then be used to run arbitrary
        JavaScript code with full permissions of the user running the
        browser, which could be used to install spyware or viruses.
        [MFSA-2006-15]
    
    CVE-2006-1735
    
        It is possible to create JavaScript functions that would get
        compiled with the wrong privileges, allowing an attacker to run
        code of their choice with full permissions of the user running the
        browser, which could be used to install spyware or viruses.
        [MFSA-2006-14]
    
    CVE-2006-1736
    
        It is possible to trick users into downloading and saving an
        executable file via an image that is overlaid by a transparent
        image link that points to the executable.  [MFSA-2006-13]
    
    CVE-2006-1737
    
        An integer overflow allows remote attackers to cause a denial of
        service and possibly execute arbitrary bytecode via JavaScript
        with a large regular expression.  [MFSA-2006-11]
    
    CVE-2006-1738
    
        An unspecified vulnerability allows remote attackers to cause a
        denial of service.  [MFSA-2006-11]
    
    CVE-2006-1739
    
        Certain Cascading Style Sheets (CSS) can cause an out-of-bounds
        array write and buffer overflow that could lead to a denial of
        service and the possible execution of arbitrary code.  [MFSA-2006-11]
    
    CVE-2006-1740
    
        It is possible for remote attackers to spoof secure site
        indicators such as the locked icon by opening the trusted site in
        a popup window, then changing the location to a malicious site.
        [MFSA-2006-12]
    
    CVE-2006-1741
    
        "shutdown" discovered that it is possible to inject arbitrary
        JavaScript code into a page on another site using a modal alert to
        suspend an event handler while a new page is being loaded.  This
        could be used to steal confidential information.  [MFSA-2006-09]
    
    CVE-2006-1742
    
        Igor Bukanov discovered that the JavaScript engine does not
        properly handle temporary variables, which might allow remote
        attackers to trigger operations on freed memory and cause memory
        corruption.  [MFSA-2006-10]
    
    CVE-2006-1790
    
        A regression fix that could lead to memory corruption allows
        remote attackers to cause a denial of service and possibly execute
        arbitrary code.  [MFSA-2006-11]
    
    For the stable distribution (sarge) these problems have been fixed in
    version 1.0.4-2sarge6.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 1.5.dfsg+1.5.0.2-2.
    
    We recommend that you upgrade your Mozilla Firefox packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
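    The manual wget / dpkg -i path above skips the integrity check that apt
    performs for you. The following is an added example, not part of the
    advisory: a small POSIX sh helper that checks a downloaded .deb against
    the "Size/MD5 checksum" pair published for it below before installing.
    The advisory publishes MD5 sums, so that is what is compared; this
    detects a corrupted or swapped download but is not a substitute for the
    signed Release files apt verifies. install_from_advisory is a
    hypothetical wrapper name chosen here.

```shell
#!/bin/sh
# Check a downloaded Debian package against the Size/MD5 line from the
# advisory before handing it to dpkg -i.  Returns 0 only when both the
# byte count and the MD5 sum match exactly.

file_size() {
    # wc -c is portable; stat flags differ between GNU and BSD
    wc -c < "$1" | tr -d ' '
}

file_md5() {
    # GNU coreutils ships md5sum; BSD/macOS ship md5 -q
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        md5 -q "$1"
    fi
}

# verify_deb <file> <expected-size> <expected-md5>
verify_deb() {
    f=$1; want_size=$2; want_md5=$3
    [ -f "$f" ] || { echo "missing file: $f" >&2; return 1; }
    got_size=$(file_size "$f")
    got_md5=$(file_md5 "$f")
    if [ "$got_size" != "$want_size" ]; then
        echo "size mismatch for $f: got $got_size, advisory says $want_size" >&2
        return 1
    fi
    if [ "$got_md5" != "$want_md5" ]; then
        echo "MD5 mismatch for $f: got $got_md5, advisory says $want_md5" >&2
        return 1
    fi
    echo "$f: size and MD5 match the advisory"
}

# install_from_advisory <url> <expected-size> <expected-md5>
# Fetches with wget, refuses to install (and deletes the download) on any
# mismatch, and only then runs dpkg -i as the advisory instructs.
install_from_advisory() {
    url=$1; want_size=$2; want_md5=$3
    f=$(basename "$url")
    wget -q "$url" -O "$f" || return 1
    verify_deb "$f" "$want_size" "$want_md5" || { rm -f "$f"; return 1; }
    dpkg -i "$f"
}
```

    Copy the size and hash for your architecture from the package list
    below, e.g. install_from_advisory <i386 .deb URL> 8896526 b7a91a72476842c9b6798fceb791c20c.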
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6.dsc
          Size/MD5 checksum:     1001 09c185f1a695fd7b01494c7612e123bf
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6.diff.gz
          Size/MD5 checksum:   381739 0582bbb1766855b1e82c25a39109480a
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz
          Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d
    
      Alpha architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_alpha.deb
          Size/MD5 checksum: 11171196 55e56e5a9306f5ea4d1508140836c042
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_alpha.deb
          Size/MD5 checksum:   168162 9c4d068815e6e6239970f3b248456622
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_alpha.deb
          Size/MD5 checksum:    60002 532591335d84fc3f28e8c91f829a33c5
    
      AMD64 architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_amd64.deb
          Size/MD5 checksum:  9400894 d9033861dc839d0a763928271efb566d
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_amd64.deb
          Size/MD5 checksum:   162910 5dc9795fae9b8f6d2cc3cb790c6250e5
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_amd64.deb
          Size/MD5 checksum:    58514 c7964d89cec3da753c6a553e6695416a
    
      ARM architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_arm.deb
          Size/MD5 checksum:  8220344 30407a08ed75456e59317304f9f4f4cd
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_arm.deb
          Size/MD5 checksum:   154376 f298104e766dfc1f7ead3a82ca766093
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_arm.deb
          Size/MD5 checksum:    53836 1e0d26b5767112085ceaf3bb1a5e3167
    
      Intel IA-32 architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_i386.deb
          Size/MD5 checksum:  8896526 b7a91a72476842c9b6798fceb791c20c
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_i386.deb
          Size/MD5 checksum:   158156 27b8ea4761567e6e71cb0f888995dc1c
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_i386.deb
          Size/MD5 checksum:    55380 88fe805a1c81b705d8146c3c11ba0540
    
      Intel IA-64 architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_ia64.deb
          Size/MD5 checksum: 11628466 f42dffd9e863f7a373f14b0b7276239e
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_ia64.deb
          Size/MD5 checksum:   168490 ad2f05cc5e1b32113eb27b02623ab8d2
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_ia64.deb
          Size/MD5 checksum:    63188 cd0e85bb099ffebfa50cfa5db021a09b
    
      HP Precision architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_hppa.deb
          Size/MD5 checksum: 10272698 4465e59426f88dcfedbb8b46d9e9300a
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_hppa.deb
          Size/MD5 checksum:   165896 c58e73ec5b355a1848abeb60d643601c
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_hppa.deb
          Size/MD5 checksum:    58982 5366dbfa5e4fc8f1026c7a1c6ab107a5
    
      Motorola 680x0 architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_m68k.deb
          Size/MD5 checksum:  8171168 d7d08da028982a426d22eff0e2c3a19b
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_m68k.deb
          Size/MD5 checksum:   156990 44a55bef9f1b6788872460a887b2695d
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_m68k.deb
          Size/MD5 checksum:    54640 5b6b926264762bbd495369286ee781ee
    
      Big endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_mips.deb
          Size/MD5 checksum:  9927634 b0e37e95b1e41733b23e3f73b9c72405
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_mips.deb
          Size/MD5 checksum:   155916 5eea68906058e471cb2669052e544ace
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_mips.deb
          Size/MD5 checksum:    55650 a524a73fea4d1b3b90ca327fddb654cc
    
      Little endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_mipsel.deb
          Size/MD5 checksum:  9807332 cf96cd6abc99138cc29970da55e0b212
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_mipsel.deb
          Size/MD5 checksum:   155456 61affe2d665661bdcbea5675ecc6e997
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_mipsel.deb
          Size/MD5 checksum:    55466 204a01cd5700af9fe83f46a578e16137
    
      PowerPC architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_powerpc.deb
          Size/MD5 checksum:  8567542 47ecafdf5d0546f37a93e607e5309ad9
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_powerpc.deb
          Size/MD5 checksum:   156574 a0e6cc0e9465b9514f890052fab979f6
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_powerpc.deb
          Size/MD5 checksum:    57758 76f1ce6caf3c5e43512567738cb1efbd
    
      IBM S/390 architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_s390.deb
          Size/MD5 checksum:  9639294 3ee16b1842014591a467ef4b728864e8
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_s390.deb
          Size/MD5 checksum:   163512 ff6eb1ff873acb224dedb28e4af99c0f
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_s390.deb
          Size/MD5 checksum:    57946 9ea184c5b5d433d0271a7f1a96f06234
    
      Sun Sparc architecture:
    
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_sparc.deb
          Size/MD5 checksum:  8659558 4b91971c36927f498fb1f2b98d681bc6
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_sparc.deb
          Size/MD5 checksum:   156772 d9eb8881f510b007904587450ae44a61
        http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_sparc.deb
          Size/MD5 checksum:    54194 508ab5503cc83699296f707d2fd66026
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: debian-security-announce@lists.debian.org
    