Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Ubuntu 12.10 USN-1639-1 Moderate: Unity-Firefox-Extension DoS Risk

ubuntu
Calendar Grey November 22, 2012
Scroller Ubuntu
A critical flaw in the unity-firefox-addon allows malicious entities to disrupt system operations or execute unauthorized code through deceptive websites.
unity-firefox-extension could be made to crash or run programs as your login if it opened a malicious website.

Summary

unity-firefox-extension could be made to crash or run programs as your

login if it opened a malicious website.

Software Description:

- unity-firefox-extension: Firefox extension: Unity Integration

Details:

It was discovered that unity-firefox-extension incorrectly handled certain

callbacks. A remote attacker could use this issue to cause

unity-firefox-extension to crash, resulting in a denial of service, or

possibly execute arbitrary code.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  xul-ext-unity                   2.4.1-0ubuntu1.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References

CVE-2012-0960

Severity
important
Lowest
Low
Medium
High
Critical

November 22, 2012

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.