
[USN-1401-1] Xulrunner vulnerabilities

Posted on 19 March 2012
Ubuntu Security

============================================================================
Ubuntu Security Notice USN-1401-1
March 19, 2012

xulrunner-1.9.2 vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Firefox.

Software Description:
- xulrunner-1.9.2: Mozilla Gecko runtime environment

Details:

It was discovered that a flaw in the Mozilla SVG implementation could
result in an out-of-bounds memory access if SVG elements were removed
during a DOMAttrModified event handler. If the user were tricked into
opening a specially crafted page, an attacker could exploit this to cause a
denial of service via application crash. (CVE-2011-3658)

Atte Kettunen discovered a use-after-free vulnerability in the Gecko
Rendering Engine's handling of SVG animations. An attacker could
potentially exploit this to execute arbitrary code with the privileges of
the user invoking the Xulrunner based application. (CVE-2012-0457)

Atte Kettunen discovered an out of bounds read vulnerability in the Gecko
Rendering Engine's handling of SVG Filters. An attacker could potentially
exploit this to make data from the user's memory accessible to the page
content. (CVE-2012-0456)

Soroush Dalili discovered that the Gecko Rendering Engine did not
adequately protect against dropping JavaScript links onto a frame. A remote
attacker could, through cross-site scripting (XSS), exploit this to modify
the contents of the frame or steal confidential data. (CVE-2012-0455)

Mariusz Mlynski discovered that the Home button accepted JavaScript links
to set the browser Home page. An attacker could use this vulnerability to
get the script URL loaded in the privileged about:sessionrestore context.
(CVE-2012-0458)

Bob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety
issues affecting Firefox. If the user were tricked into opening a specially
crafted page, an attacker could exploit these to cause a denial of service
via application crash, or potentially execute code with the privileges of
the user invoking Firefox. (CVE-2012-0461, CVE-2012-0464)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.10:
xulrunner-1.9.2 1.9.2.28+build1+nobinonly-0ubuntu0.10.10.1

Ubuntu 10.04 LTS:
xulrunner-1.9.2 1.9.2.28+build1+nobinonly-0ubuntu0.10.04.1

After a standard system update you need to restart any application based on
Xulrunner such as Yelp or Conkeror to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1401-1
CVE-2011-3658, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457,
CVE-2012-0458, CVE-2012-0461, CVE-2012-0464, https://launchpad.net/bugs/953736

Package Information:
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.28+build1+nobinonly-0ubuntu0.10.10.1
https://launchpad.net/ubuntu/+source/xulrunner-1.9.2/1.9.2.28+build1+nobinonly-0ubuntu0.10.04.1
