Ubuntu 1681-4: Firefox regression

    Date05 Feb 2013
    CategoryUbuntu
    48
    Posted ByLinuxSecurity Advisories
    USN-1681-1 introduced a regression in Firefox.
    
    ==========================================================================
    Ubuntu Security Notice USN-1681-4
    February 05, 2013
    
    firefox regression
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 12.10
    - Ubuntu 12.04 LTS
    - Ubuntu 11.10
    - Ubuntu 10.04 LTS
    
    Summary:
    
    USN-1681-1 introduced a regression in Firefox.
    
    Software Description:
    - firefox: Mozilla Open Source web browser
    
    Details:
    
    USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regression,
    Firefox suffered from instabilities when accessing some websites. This
    update fixes the problem.
    
    We apologize for the inconvenience.
    
    Original advisory details:
    
     Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill
     Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman,
     and Julian Seward discovered multiple memory safety issues affecting
     Firefox. If the user were tricked into opening a specially crafted page, an
     attacker could possibly exploit these to cause a denial of service via
     application crash, or potentially execute code with the privileges of the
     user invoking Firefox. (CVE-2013-0769, CVE-2013-0749, CVE-2013-0770)
    
     Abhishek Arya discovered several user-after-free and buffer overflows in
     Firefox. An attacker could exploit these to cause a denial of service via
     application crash, or potentially execute code with the privileges of the
     user invoking Firefox. (CVE-2013-0760, CVE-2013-0761, CVE-2013-0762,
     CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771, CVE-2012-5829)
    
     A stack buffer was discovered in Firefox. If the user were tricked into
     opening a specially crafted page, an attacker could possibly exploit this
     to cause a denial of service via application crash, or potentially execute
     code with the privileges of the user invoking Firefox. (CVE-2013-0768)
    
     Masato Kinugawa discovered that Firefox did not always properly display URL
     values in the address bar. A remote attacker could exploit this to conduct
     URL spoofing and phishing attacks. (CVE-2013-0759)
    
     Atte Kettunen discovered that Firefox did not properly handle HTML tables
     with a large number of columns and column groups. If the user were tricked
     into opening a specially crafted page, an attacker could exploit this to
     cause a denial of service via application crash, or potentially execute
     code with the privileges of the user invoking Firefox. (CVE-2013-0744)
    
     Jerry Baker discovered that Firefox did not always properly handle
     threading when performing downloads over SSL connections. An attacker could
     exploit this to cause a denial of service via application crash.
     (CVE-2013-0764)
    
     Olli Pettay and Boris Zbarsky discovered flaws in the Javacript engine of
     Firefox. An attacker could cause a denial of service via application crash,
     or potentially execute code with the privileges of the user invoking
     Firefox. (CVE-2013-0745, CVE-2013-0746)
    
     Jesse Ruderman discovered a flaw in the way Firefox handled plugins.  If a
     user were tricked into opening a specially crafted page, a remote attacker
     could exploit this to bypass security protections to conduct clickjacking
     attacks. (CVE-2013-0747)
    
     Jesse Ruderman discovered an information leak in Firefox. An attacker could
     exploit this to reveal memory address layout which could help in bypassing
     ASLR protections. (CVE-2013-0748)
    
     An integer overflow was discovered in the Javascript engine, leading to a
     heap-based buffer overflow. If the user were tricked into opening a
     specially crafted page, an attacker could possibly exploit this to execute
     code with the privileges of the user invoking Firefox. (CVE-2013-0750)
    
     Sviatoslav Chagaev discovered that Firefox did not properly handle XBL
     files with multiple XML bindings with SVG content. An attacker could cause
     a denial of service via application crash, or potentially execute code with
     the privileges of the user invoking Firefox. (CVE-2013-0752)
    
     Mariusz Mlynski discovered two flaws to gain access to privileged chrome
     functions. An attacker could possibly exploit this to execute code with the
     privileges of the user invoking Firefox. (CVE-2013-0757, CVE-2013-0758)
    
     Several use-after-free issues were discovered in Firefox. If the user were
     tricked into opening a specially crafted page, an attacker could possibly
     exploit this to execute code with the privileges of the user invoking
     Firefox. (CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756)
    
     Two intermediate CA certificates were mis-issued by the TURKTRUST
     certificate authority. If a remote attacker were able to perform a
     man-in-the-middle attack, this flaw could be exploited to view sensitive
     information. (CVE-2013-0743)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 12.10:
      firefox                         18.0.2+build1-0ubuntu0.12.10.1
    
    Ubuntu 12.04 LTS:
      firefox                         18.0.2+build1-0ubuntu0.12.04.1
    
    Ubuntu 11.10:
      firefox                         18.0.2+build1-0ubuntu0.11.10.1
    
    Ubuntu 10.04 LTS:
      firefox                         18.0.2+build1-0ubuntu0.10.04.1
    
    After a standard system update you need to restart Firefox to make all the
    necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1681-4
      http://www.ubuntu.com/usn/usn-1681-1
      https://launchpad.net/bugs/1116725
    
    Package Information:
    
    https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.12.10.1
    
    https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.12.04.1
    
    https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.11.10.1
    
    https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.10.04.1
    
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.11,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.