Ubuntu 1786-1: Firefox vulnerabilities

    Date04 Apr 2013
    CategoryUbuntu
    66
    Posted ByLinuxSecurity Advisories
    Firefox could be made to crash or run programs as your login if it opened a malicious website.
    ==========================================================================
    Ubuntu Security Notice USN-1786-1
    April 04, 2013
    
    firefox vulnerabilities
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 12.10
    - Ubuntu 12.04 LTS
    - Ubuntu 11.10
    - Ubuntu 10.04 LTS
    
    Summary:
    
    Firefox could be made to crash or run programs as your login if it
    opened a malicious website.
    
    Software Description:
    - firefox: Mozilla Open Source web browser
    
    Details:
    
    Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
    Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and
    Mats Palmgren discovered multiple memory safety issues affecting Firefox.
    If the user were tricked into opening a specially crafted page, an
    attacker could possibly exploit these to cause a denial of service via
    application crash, or potentially execute code with the privileges of the
    user invoking Firefox. (CVE-2013-0788, CVE-2013-0789)
    
    Ambroz Bizjak discovered an out-of-bounds array read in the
    CERT_DecodeCertPackage function of the Network Security Services (NSS)
    libary when decoding certain certificates. An attacker could potentially
    exploit this to cause a denial of service via application crash.
    (CVE-2013-0791)
    
    Tobias Schula discovered an information leak in Firefox when the
    gfx.color_management.enablev4 preference is enabled. If the user were
    tricked into opening a specially crafted image, an attacker could
    potentially exploit this to steal confidential data. By default, the
    gfx.color_management.enablev4 preference is not enabled in Ubuntu.
    (CVE-2013-0792)
    
    Mariusz Mlynski discovered that timed history navigations could be used to
    load arbitrary websites with the wrong URL displayed in the addressbar. An
    attacker could exploit this to conduct cross-site scripting (XSS) or
    phishing attacks. (CVE-2013-0793)
    
    It was discovered that the origin indication on tab-modal dialog boxes
    could be removed, which could allow an attacker's dialog to be displayed
    over another sites content. An attacker could exploit this to conduct
    phishing attacks. (CVE-2013-0794)
    
    Cody Crews discovered that the cloneNode method could be used to
    bypass System Only Wrappers (SOW) to clone a protected node and bypass
    same-origin policy checks. An attacker could potentially exploit this to
    steal confidential data or execute code with the privileges of the user
    invoking Firefox. (CVE-2013-0795)
    
    A crash in WebGL rendering was discovered in Firefox. An attacker could
    potentially exploit this to execute code with the privileges of the user
    invoking Firefox. This issue only affects users with Intel graphics
    drivers. (CVE-2013-0796)
    
    Abhishek Arya discovered an out-of-bounds write in the Cairo graphics
    library. An attacker could potentially exploit this to execute code with
    the privileges of the user invoking Firefox. (CVE-2013-0800)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 12.10:
      firefox                         20.0+build1-0ubuntu0.12.10.3
    
    Ubuntu 12.04 LTS:
      firefox                         20.0+build1-0ubuntu0.12.04.3
    
    Ubuntu 11.10:
      firefox                         20.0+build1-0ubuntu0.11.10.3
    
    Ubuntu 10.04 LTS:
      firefox                         20.0+build1-0ubuntu0.10.04.3
    
    After a standard system update you need to restart Firefox to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1786-1
      CVE-2013-0788, CVE-2013-0789, CVE-2013-0791, CVE-2013-0792,
      CVE-2013-0793, CVE-2013-0794, CVE-2013-0795, CVE-2013-0796,
      CVE-2013-0800, https://launchpad.net/bugs/1161422
    
    Package Information:
      https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.10.3
      https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.12.04.3
      https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.11.10.3
      https://launchpad.net/ubuntu/+source/firefox/20.0+build1-0ubuntu0.10.04.3
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":56.1,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.2,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":31.71,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.