Linux Security
Linux Security
Linux Security

Debian: Mozilla fix several vulnerabilities DSA-1046-1

Date 26 Apr 2006
Posted By LinuxSecurity Advisories
Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1046-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                             Martin Schulze
April 27th, 2006              
- --------------------------------------------------------------------------

Package        : mozilla
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2005-2353 CVE-2005-4134 CVE-2006-0292 CVE-2006-0293 CVE-2006-0296
                 CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1045 CVE-2006-1529
                 CVE-2006-1530 CVE-2006-1531 CVE-2006-1723 CVE-2006-1724 CVE-2006-1727
                 CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731 CVE-2006-1733
                 CVE-2006-1734 CVE-2006-1735 CVE-2006-1736 CVE-2006-1737 CVE-2006-1738
                 CVE-2006-1739 CVE-2006-1740 CVE-2006-1741 CVE-2006-1742 CVE-2006-1790
CERT advisories: VU#179014 VU#252324 VU#329500 VU#350262 VU#488774 VU#492382 VU#592425
                 VU#736934 VU#813230 VU#842094 VU#932734 VU#935556
BugTraq IDs    : 15773 16476 16476 16770 16881 17516

Several security related problems have been discovered in Mozilla.
The Common Vulnerabilities and Exposures project identifies the
following vulnerabilities:


    The "" script allows local users to create or
    overwrite arbitrary files when debugging is enabled via a symlink
    attack on temporary files.


    Web pages with extremely long titles cause subsequent launches of
    the browser to appear to "hang" for up to a few minutes, or even
    crash if the computer has insufficient memory.  [MFSA-2006-03]


    The Javascript interpreter does not properly dereference objects,
    which allows remote attackers to cause a denial of service or
    execute arbitrary code.  [MFSA-2006-01]


    The function allocation code allows attackers to cause a denial of
    service and possibly execute arbitrary code.  [MFSA-2006-01]


    XULDocument.persist() did not validate the attribute name,
    allowing an attacker to inject arbitrary XML and JavaScript code
    into localstore.rdf that would be read and acted upon during
    startup.  [MFSA-2006-05]


    An anonymous researcher for TippingPoint and the Zero Day
    Initiative reported that an invalid and nonsensical ordering of
    table-related tags can be exploited to execute arbitrary code.


    A particular sequence of HTML tags can cause memory corruption
    that can be exploited to exectute arbitary code.  [MFSA-2006-18]


    Georgi Guninski reports that forwarding mail in-line while using
    the default HTML "rich mail" editor will execute JavaScript
    embedded in the e-mail message with full privileges of the client.


    The HTML rendering engine does not properly block external images
    from inline HTML attachments when "Block loading of remote images
    in mail messages" is enabled, which could allow remote attackers
    to obtain sensitive information.  [MFSA-2006-26]


    A vulnerability potentially allows remote attackers to cause a
    denial of service and possibly execute arbitrary.  [MFSA-2006-20]


    A vulnerability potentially allows remote attackers to cause a
    denial of service and possibly execute arbitrary.  [MFSA-2006-20]


    A vulnerability potentially allows remote attackers to cause a
    denial of service and possibly execute arbitrary.  [MFSA-2006-20]


    A vulnerability potentially allows remote attackers to cause a
    denial of service and possibly execute arbitrary.  [MFSA-2006-20]


    A vulnerability potentially allows remote attackers to cause a
    denial of service and possibly execute arbitrary.  [MFSA-2006-20]


    Due to an interaction between XUL content windows and the history
    mechanism, some windows may to become translucent, which might
    allow remote attackers to execute arbitrary code.  [MFSA-2006-29]


    "shutdown" discovered that the security check of the function
    js_ValueToFunctionObject() can be circumvented and exploited to
    allow the installation of malware.  [MFSA-2006-28]


    Georgi Guninski reported two variants of using scripts in an XBL
    control to gain chrome privileges when the page is viewed under
    "Print Preview".under "Print Preview".  [MFSA-2006-25]


    "shutdown" discovered that the crypto.generateCRMFRequest method
    can be used to run arbitrary code with the privilege of the user
    running the browser, which could enable an attacker to install
    malware.  [MFSA-2006-24]


    Claus J�rgensen reported that a text input box can be pre-filled
    with a filename and then turned into a file-upload control,
    allowing a malicious website to steal any local file whose name
    they can guess.  [MFSA-2006-23]


    An anonymous researcher for TippingPoint and the Zero Day
    Initiative discovered an integer overflow triggered by the CSS
    letter-spacing property, which could be exploited to execute
    arbitrary code.  [MFSA-2006-22]


    "moz_bug_r_a4" discovered that some internal functions return
    prototypes instead of objects, which allows remote attackers to
    conduct cross-site scripting attacks.  [MFSA-2006-19]


    "shutdown" discovered that it is possible to bypass same-origin
    protections, allowing a malicious site to inject script into
    content from another site, which could allow the malicious page to
    steal information such as cookies or passwords from the other
    site, or perform transactions on the user's behalf if the user
    were already logged in.  [MFSA-2006-17]


    "moz_bug_r_a4" discovered that the compilation scope of privileged
    built-in XBL bindings is not fully protected from web content and
    can still be executed which could be used to execute arbitrary
    JavaScript, which could allow an attacker to install malware such
    as viruses and password sniffers.  [MFSA-2006-16]


    "shutdown" discovered that it is possible to access an internal
    function object which could then be used to run arbitrary
    JavaScriptcode with full permissions of the user running the
    browser, which could be used to install spyware or viruses.


    It is possible to create JavaScript functions that would get
    compiled with the wrong privileges, allowing an attacker to run
    code of their choice with full permissions of the user running the
    browser, which could be used to install spyware or viruses.


    It is possible to trick users into downloading and saving an
    executable file via an image that is overlaid by a transparent
    image link that points to the executable.  [MFSA-2006-13]


    An integer overflow allows remote attackers to cause a denial of
    service and possibly execute arbitrary bytecode via JavaScript
    with a large regular expression.  [MFSA-2006-11]


    An unspecified vulnerability allows remote attackers to cause a
    denial of service.  [MFSA-2006-11]


    Certain Cascading Style Sheets (CSS) can cause an out-of-bounds
    array write and buffer overflow that could lead to a denial of
    service and the possible execution of arbitrary code.  [MFSA-2006-11]


    It is possible for remote attackers to spoof secure site
    indicators such as the locked icon by opening the trusted site in
    a popup window, then changing the location to a malicious site.


    "shutdown" discovered that it is possible to inject arbitrary
    JavaScript code into a page on another site using a modal alert to
    suspend an event handler while a new page is being loaded.  This
    could be used to steal confidential information.  [MFSA-2006-09]


    Igor Bukanov discovered that the JavaScript engine does not
    properly handle temporary variables, which might allow remote
    attackers to trigger operations on freed memory and cause memory
    corruption, causing memory corruption.  [MFSA-2006-10]


    A regression fix that could lead to memory corruption allows
    remote attackers to cause a denial of service and possibly execute
    arbitrary code.  [MFSA-2006-11]

For the stable distribution (sarge) these problems have been fixed in
version 1.7.8-1sarge5.

For the unstable distribution (sid) these problems will be fixed in
version 1.7.13-1.

We recommend that you upgrade your Mozilla packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:     1123 b486e464eae65686c7b15f50f77cb767
      Size/MD5 checksum:   472258 0aa0d6b2edcd13fa83ce9ed271a0724f
      Size/MD5 checksum: 30589520 13c0f0331617748426679e8f2e9f537a

  Alpha architecture:
      Size/MD5 checksum:   168068 7ed348802218aae8f17044f1938ad609
      Size/MD5 checksum:   146702 f3229e78b1ad87a9c8e2bad153faa5a3
      Size/MD5 checksum:   184934 6f62bafa779c954315d04b385eeded59
      Size/MD5 checksum:   856276 ab399c2ed74a5b13deb58aaad3d49087
      Size/MD5 checksum:     1032 e4569c9693441a0edb94ee11912dad30
      Size/MD5 checksum: 11477828 62b8bda344ef70da1c47de2adc23dd4a
      Size/MD5 checksum:   403276 2978138077e4a2ecad90dd0e8c856709
      Size/MD5 checksum:   158332 364e72f576f30e42fe8bfa8e1fba365c
      Size/MD5 checksum:  3357226 6956cd03cbeda6aa147c984e5fd8317d
      Size/MD5 checksum:   122282 ac007b2334d2c4f61585b9059e2c8ab3
      Size/MD5 checksum:   204160 bb0fc8af6b06e34ac81a32d04c9c3cef
      Size/MD5 checksum:  1937094 f7881427bd1afc9371f2a577a02080e9
      Size/MD5 checksum:   212402 1df52addc8f7c47b6681abd51e331f41

  AMD64 architecture:
      Size/MD5 checksum:   168066 bd11d5d2dcd7e78621de4ae0c03ed6b8
      Size/MD5 checksum:   145798 518a796a9423412004eed5ac6c756d61
      Size/MD5 checksum:   184930 b6d7c90efdfe1c52bfbb6c47cdcf1244
      Size/MD5 checksum:   714636 086b722ae6d2aa33ebcaa4101fd0751b
      Size/MD5 checksum:     1030 d62e40f94f76fe6780cd517eaceeec7d
      Size/MD5 checksum: 10945270 2abf8d616e8b889e29f4afea01032679
      Size/MD5 checksum:   403266 66e021c850ef757ce9a2a0ebf30e462a
      Size/MD5 checksum:   158326 14b7ddf2988885d66b85bd7458fa98ad
      Size/MD5 checksum:  3351216 9221380d16e886cae475efb410429c3f
      Size/MD5 checksum:   121176 98f3f0e73d27e92d2f951c892b528bbe
      Size/MD5 checksum:   204152 ef08d9bbbb26b9c6bdda0bbf8e698299
      Size/MD5 checksum:  1936008 339c98bcc87876a27b0ca0dacb6ef0cc
      Size/MD5 checksum:   204336 b25851b6c4ae6818918a0b80507eec2d

  ARM architecture:
      Size/MD5 checksum:   168068 863d83042249fbb53cb5570a5fd03f12
      Size/MD5 checksum:   124162 eed0ab266786523a435d87925369370f
      Size/MD5 checksum:   184952 2d6919422ee7aa37b28d2bf6bc942f5f
      Size/MD5 checksum:   631844 c44b2cf0e0ae4ccc927a41ab6eb25380
      Size/MD5 checksum:     1030 4d0eb279d61409bb9bbcaa7e8f785471
      Size/MD5 checksum:  9207420 46aff4f2b0913d187048f19bc59f6e1e
      Size/MD5 checksum:   403314 17d6accdd639278bad64e9e4042013e2
      Size/MD5 checksum:   158382 5f900a4d4627d27289dc53aaa32e90da
      Size/MD5 checksum:  3340838 a4ce703b7b9f05440ba72b7dd177cdd9
      Size/MD5 checksum:   112674 8426b940dab4c2339a2894dc09584028
      Size/MD5 checksum:   204184 e0f3e9a65adb373574cafe68b75a7f57
      Size/MD5 checksum:  1604382 43b950f85fb316f1bc0d773ef25c6a85
      Size/MD5 checksum:   168862 6245436dde393fbb8526d622d6372b96

  Intel IA-32 architecture:
      Size/MD5 checksum:   170350 1890d8f6cf1f6d7d3f24862b8b236d5e
      Size/MD5 checksum:   136640 cb2ab0bf38cc5afff64327cbf4f79fbe
      Size/MD5 checksum:   187128 af578fd816c0534baa15529168dd1170
      Size/MD5 checksum:   661394 3a94641ec0f1b8bebbed0b428f40e3e8
      Size/MD5 checksum:     1030 42b5cb15c988c9d2328e6be2266dda42
      Size/MD5 checksum: 10332780 89748f75d483a5b4905e842cf85081a6
      Size/MD5 checksum:   403506 3b03c89eec36142148548f7cd64e5d12
      Size/MD5 checksum:   158344 d36c1032ddd6ba8051ad27786662525a
      Size/MD5 checksum:  3592688 f30a67ca521067cde834d346b4646c1b
      Size/MD5 checksum:   116678 dda364a06fa45c104c5222988b826a6b
      Size/MD5 checksum:   204156 2a7e71b2393ddee06457536053b6f426
      Size/MD5 checksum:  1816066 cdc0f8d06a00c14337ad20178284685c
      Size/MD5 checksum:   192632 26c12b2f1e572cc70ab80fae0a20d75f

  Intel IA-64 architecture:
      Size/MD5 checksum:   168070 088af473a08b7478a172e483ffe0a3cb
      Size/MD5 checksum:   174160 255499b7e29813343a088957bc4e450e
      Size/MD5 checksum:   184942 6ebb70d67e23a8ff659ec788048c558d
      Size/MD5 checksum:   966574 fa7081da19e2c59b89c5b47d70314a38
      Size/MD5 checksum:     1032 dac2c365bc58d57275205fbecd04d2f2
      Size/MD5 checksum: 12943234 f0e1ea934e597443636be3dc1f8323bc
      Size/MD5 checksum:   403274 d519dfad807b19794742e6723f6872c8
      Size/MD5 checksum:   158334 c729929af3c1879ab058541227487677
      Size/MD5 checksum:  3377040 de356df345ed8ab5ce2a970827990b0d
      Size/MD5 checksum:   125582 9975c43ca6954d98309ab11ac03aadd4
      Size/MD5 checksum:   204158 fa835bffaf5008bccdcd62ff2114a481
      Size/MD5 checksum:  2302210 db2d6cd804c0372eafba307436cd9296
      Size/MD5 checksum:   242664 b8a9d7bba6700b6cb700187bbed51102

  HP Precision architecture:
      Size/MD5 checksum:   168076 e744a5d49021e510fa29396332c5490f
      Size/MD5 checksum:   156738 c856122cc9fa2e985882f624ec57df99
      Size/MD5 checksum:   184946 74cb243dddf99e01bc525efebc9fd96b
      Size/MD5 checksum:   754578 b940f076bd46aff2f6418828503a2afc
      Size/MD5 checksum:     1036 37b2840edf5a86c22ba5dab71452f300
      Size/MD5 checksum: 12162800 74b60c8375cc5d2c379fc4e586526bc7
      Size/MD5 checksum:   403282 c138582e5075ee91ffbdba982acce035
      Size/MD5 checksum:   158338 4ad85659f4aae7580c71a8457128e3c4
      Size/MD5 checksum:  3357886 b8891334da36453c8e5619fe0896f2af
      Size/MD5 checksum:   123502 195bf5cd60cabb129d9ed04bf100241d
      Size/MD5 checksum:   204160 c26281b91291c131ad3fb2f1565caa6d
      Size/MD5 checksum:  2135138 b0883259ed740bcd41bf43ae4680e1b8
      Size/MD5 checksum:   216144 d73d1e1d42427175d865021d69422f8b

  Motorola 680x0 architecture:
      Size/MD5 checksum:   168092 398298d8ffad737508ed118d4d69d112
      Size/MD5 checksum:   125818 2099631f9bd235623d98a32fa45b34d6
      Size/MD5 checksum:   184984 542adc7ea5dac9443e87d2b72023fc80
      Size/MD5 checksum:   599936 fada9efe3f62935cbb4ea56cd889e73f
      Size/MD5 checksum:     1046 2de17261893fc2e2697bbe35b59d768e
      Size/MD5 checksum:  9703464 afcf7cec434793064c55e67cfea1f441
      Size/MD5 checksum:   403358 3890cf07cef780ae34a7e294225db0db
      Size/MD5 checksum:   158380 b213d524e1473ab78ee23a556afb48ac
      Size/MD5 checksum:  3335462 13fc8f2927e661e55e6bd63490bbbab8
      Size/MD5 checksum:   114470 14ec6e7861bf73f3b7f82b91b86cf567
      Size/MD5 checksum:   204180 73817862c43af283a652039ba5b45cd1
      Size/MD5 checksum:  1683074 ab15cea98788c380e269a94d2df5472a
      Size/MD5 checksum:   174748 23a6847a17c4d7e3bf6ef072798e8239

  Big endian MIPS architecture:
      Size/MD5 checksum:   168074 958f2c3227b801f01d1166a54187ee41
      Size/MD5 checksum:   140686 2244af2acdc2844be99005e4e3f0d121
      Size/MD5 checksum:   184960 54829d9c8798df955039c7268b25392a
      Size/MD5 checksum:   725672 2310546bc1cbe2df5a6c1fef62ce1ccf
      Size/MD5 checksum:     1032 6a43b5ff3f81433a162dd200ea052fcb
      Size/MD5 checksum: 10728020 4caf72ce0e493eaf1b9a5fdf0ae57d6e
      Size/MD5 checksum:   403274 d4c7bd6d0638bffa0c5d2c23cf080611
      Size/MD5 checksum:   158336 d1d77d961279da110d01de630e53846b
      Size/MD5 checksum:  3357194 94993156be09ad11712075d917d21660
      Size/MD5 checksum:   117610 77ca046034494b735a10028e5af8eed5
      Size/MD5 checksum:   204150 f6b3f0d0bfc84aa27a24beee692c9932
      Size/MD5 checksum:  1795504 2d34d3ff2dd99a2d0089c1eca53b0579
      Size/MD5 checksum:   189880 2cb68bac9a41b14e627426ebb1405fd1

  Little endian MIPS architecture:
      Size/MD5 checksum:   168082 c1eba053c4a1c0421ea508b29fbaa683
      Size/MD5 checksum:   140636 a2474b059a8c1e4845922102cc1d58d8
      Size/MD5 checksum:   184940 4a7289c8753105101fe9b0862e3aad71
      Size/MD5 checksum:   715106 67e1dc2600da37597fb75e22b7875a6d
      Size/MD5 checksum:     1038 d0f622dcb3b5b41b62986c3c7c338370
      Size/MD5 checksum: 10603070 6a6966022c2f8a8ab2807e656043e39a
      Size/MD5 checksum:   403296 6b7722ec5a34cae5f221c3958dc65bc1
      Size/MD5 checksum:   158342 87c0d4a874ca1aa5e3be85e2249dbe6b
      Size/MD5 checksum:  3357982 a7258380f1f7fcc380d2a8161cc1b803
      Size/MD5 checksum:   117204 e77b1061daa3c8a762b9bd0a58f340ee
      Size/MD5 checksum:   204162 b2e72e6b19f1092e84f2977291e782bf
      Size/MD5 checksum:  1777610 f88abea35dc9ac1c7760d2ae8761303a
      Size/MD5 checksum:   187444 37c35256b507720467747edfd7ad6606

  PowerPC architecture:
      Size/MD5 checksum:   168078 e8a320169dd21bd2653f2e1cceacaea8
      Size/MD5 checksum:   131146 01deac585f851b2b22d117db76271f69
      Size/MD5 checksum:   184928 69c925958815b6a0b66d67660e530d21
      Size/MD5 checksum:   718850 182c8077cedbd4b17e519bf9d4340ddf
      Size/MD5 checksum:     1038 8492a6da8120bcd6498c1cf5b5e7bb29
      Size/MD5 checksum:  9703116 df00589069a7994886b37154a83ba48a
      Size/MD5 checksum:   403294 3530285f43e66537f891885855b56a4a
      Size/MD5 checksum:   158344 f0158562b460aa36a08f24b3c6a828c5
      Size/MD5 checksum:  3339658 0d6d999cd0559fd93be3257664ad9165
      Size/MD5 checksum:   114598 bf235995c329c00a51416cb6d9996fad
      Size/MD5 checksum:   204166 2156c81a5e15e4444d2c5be22ee066a8
      Size/MD5 checksum:  1642978 409eb5485153365138f9d130db5a0bf5
      Size/MD5 checksum:   175672 d148c3a307177bd5a88d211c554c515f

  IBM S/390 architecture:
      Size/MD5 checksum:   168062 f336a2de372d02f5dad5673afd3b6e19
      Size/MD5 checksum:   156458 71cc856f65e80354b508799a720d2223
      Size/MD5 checksum:   184956 46fe112fa61e011e2fb79cff847378cb
      Size/MD5 checksum:   798872 7d02d09328a985bed9aaa3f603c56b72
      Size/MD5 checksum:     1036 7d25a776a8f9e3467060085df346a772
      Size/MD5 checksum: 11325484 cad88ede93803739d98498f4b43c74c2
      Size/MD5 checksum:   403292 fc353648cb5e5fabf0b07211729fb8c7
      Size/MD5 checksum:   158346 e173c32ab6b9a1904f0236fb00ce836f
      Size/MD5 checksum:  3352214 ca96b4f7ee3c1498904a567a6462778d
      Size/MD5 checksum:   121378 c33f1b9d5907dd6422a0ecb38c6f714a
      Size/MD5 checksum:   204166 e4f8a67148cf7b703c280ec91f289298
      Size/MD5 checksum:  1944742 31da3121c50c27f4df3be7939cbe7324
      Size/MD5 checksum:   213446 4d431a25410f0e6039f4032c9acf3378

  Sun Sparc architecture:
      Size/MD5 checksum:   168070 0005424068108c85553255259aea5f5b
      Size/MD5 checksum:   128364 0988e532f8ef63759610a007d07bf60b
      Size/MD5 checksum:   184942 62e592a514e25e3c7c5420c5c53f3d8e
      Size/MD5 checksum:   672638 f35942f6694b22af40973af8fb9058a5
      Size/MD5 checksum:     1030 771b441d8c662e3db4c45646f4e6a99b
      Size/MD5 checksum:  9373440 a4560f2a4bc80bbf93829f7bf0a1bc5d
      Size/MD5 checksum:   403276 440bcce7ec880544cff5bba723239473
      Size/MD5 checksum:   158336 d0ecad8b66d39437bec068ee8e182397
      Size/MD5 checksum:  3340588 5f44ff3da184961882044aef4a46e696
      Size/MD5 checksum:   112516 83e39c205c5098b2e0b58c1301a39705
      Size/MD5 checksum:   204156 ae1c34bb6889e7912fb210d120f5d7f8
      Size/MD5 checksum:  1583742 fa8be53ec188d2471269ea2b88142e51
      Size/MD5 checksum:   168022 e8bd471a692f313db05316ecf5e4c7b8

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"45","type":"x","order":"1","pct":81.82,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"5","type":"x","order":"2","pct":9.09,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":9.09,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.