Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed
Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and
Andrew McCreight discovered multiple memory safety issues affecting
Firefox. If the user were tricked into opening a specially crafted page, an
attacker could possibly exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Firefox. (CVE-2012-5842, CVE-2012-5843)
Atte Kettunen discovered a buffer overflow while rendering GIF format
images. An attacker could exploit this to possibly execute arbitrary code
as the user invoking Firefox. (CVE-2012-4202)
It was discovered that the evalInSandbox function's JavaScript sandbox
context could be circumvented. An attacker could exploit this to perform a
cross-site scripting (XSS) a...
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: firefox 17.0+build2-0ubuntu0.12.10.1 Ubuntu 12.04 LTS: firefox 17.0+build2-0ubuntu0.12.04.1 Ubuntu 11.10: firefox 17.0+build2-0ubuntu0.11.10.1 Ubuntu 10.04 LTS: firefox 17.0+build2-0ubuntu0.10.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.
https://ubuntu.com/security/notices/USN-1638-1
CVE-2012-4201, CVE-2012-4202, CVE-2012-4203, CVE-2012-4204,
CVE-2012-4205, CVE-2012-4207, CVE-2012-4208, CVE-2012-4209,
CVE-2012-4210, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214,
CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218,
CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835,
CVE-2012-5836, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840,
CVE-2012-5841, CVE-2012-5842, CVE-2012-5843, https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1080211
Get the latest Linux and open source security news straight to your inbox.