Home / mailingsPDF  

[USN-1509-2] ubufox update

Posted on 18 July 2012
Ubuntu Security

==========================
==========================
========================
Ubuntu Security Notice USN-1509-2
July 18, 2012

ubufox update
==========================
==========================
========================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.04 LTS

Summary:

This update provides compatible ubufox packages for the latest Firefox.

Software Description:
- ubufox: Ubuntu Firefox specific configuration defaults and apt support

Details:

USN-1509-1 fixed vulnerabilities in Firefox. This update provides an updated
ubufox package for use with the lastest Firefox.

Original advisory details:

Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smit=
h,
Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey disco=
vered
memory safety issues affecting Firefox. If the user were tricked into open=
ing a
specially crafted page, an attacker could possibly exploit these to cause a
denial of service via application crash, or potentially execute code with =
the
privileges of the user invoking Firefox. (CVE-2012-1948, CVE-2012-1949)
=20
Mario Gomes discovered that the address bar may be incorrectly updated.
Drag-and-drop events in the address bar may cause the address of the previ=
ous
site to be displayed while a new page is loaded. An attacker could exploit=
this
to conduct phishing attacks. (CVE-2012-1950)
=20
Abhishek Arya discovered four memory safety issues affecting Firefox. If t=
he
user were tricked into opening a specially crafted page, an attacker could
possibly exploit these to cause a denial of service via application crash,=
or
potentially execute code with the privileges of the user invoking Firefox.
(CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954)
=20
Mariusz Mlynski discovered that the address bar may be incorrectly updated.
Calls to history.forward and history.back could be used to navigate to a s=
ite
while the address bar still displayed the previous site. A remote attacker
could exploit this to conduct phishing attacks. (CVE-2012-1955)
=20
Mario Heiderich discovered that HTML <embed> tags were not filtered out of=
the
HTML <description> of RSS feeds. A remote attacker could exploit this to
conduct cross-site scripting (XSS) attacks via javascript execution in the=
HTML
feed view. (CVE-2012-1957)
=20
Arthur Gerkis discovered a use-after-free vulnerability. If the user were
tricked into opening a specially crafted page, an attacker could possibly
exploit this to cause a denial of service via application crash, or potent=
ially
execute code with the privileges of the user invoking Firefox. (CVE-2012-1=
958)
=20
Bobby Holley discovered that same-compartment security wrappers (SCSW) cou=
ld be
bypassed to allow XBL access. If the user were tricked into opening a spec=
ially
crafted page, an attacker could possibly exploit this to execute code with=
the
privileges of the user invoking Firefox. (CVE-2012-1959)
=20
Tony Payne discovered an out-of-bounds memory read in Mozilla's color
management library (QCMS). If the user were tricked into opening a special=
ly
crafted color profile, an attacker could possibly exploit this to cause a
denial of service via application crash. (CVE-2012-1960)
=20
Fr=E9d=E9ric Buclin discovered that the X-Frame-Options header was ignored=
when its
value was specified multiple times. An attacker could exploit this to cond=
uct
clickjacking attacks. (CVE-2012-1961)
=20
Bill Keese discovered a memory corruption vulnerability. If the user were
tricked into opening a specially crafted page, an attacker could possibly
exploit this to cause a denial of service via application crash, or potent=
ially
execute code with the privileges of the user invoking Firefox. (CVE-2012-1=
962)
=20
Karthikeyan Bhargavan discovered an information leakage vulnerability in t=
he
Content Security Policy (CSP) 1.0 implementation. If the user were tricked=
into
opening a specially crafted page, an attacker could possibly exploit this =
to
access a user's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-=
1963)
=20
Matt McCutchen discovered a clickjacking vulnerability in the certificate
warning page. A remote attacker could trick a user into accepting a malici=
ous
certificate via a crafted certificate warning page. (CVE-2012-1964)
=20
Mario Gomes and Soroush Dalili discovered that javascript was not filtered=
out
of feed URLs. If the user were tricked into opening a specially crafted UR=
L, an
attacker could possibly exploit this to conduct cross-site scripting (XSS)
attacks. (CVE-2012-1965)
=20
A vulnerability was discovered in the context menu of data: URLs. If the u=
ser
were tricked into opening a specially crafted URL, an attacker could possi=
bly
exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2012-1966)
=20
It was discovered that the execution of javascript: URLs was not properly
handled in some cases. A remote attacker could exploit this to execute code
with the privileges of the user invoking Firefox. (CVE-2012-1967)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
ubufox 2.1.1-0ubuntu0.12.04.1
xul-ext-ubufox 2.1.1-0ubuntu0.12.04.1

Ubuntu 11.10:
ubufox 2.1.1-0ubuntu0.11.10.1
xul-ext-ubufox 2.1.1-0ubuntu0.11.10.1

Ubuntu 11.04:
ubufox 2.1.1-0ubuntu0.11.04.1
xul-ext-ubufox 2.1.1-0ubuntu0.11.04.1

Ubuntu 10.04 LTS:
ubufox 2.1.1-0ubuntu0.10.04.1
xul-ext-ubufox 2.1.1-0ubuntu0.10.04.1

When upgrading, users should be aware of the following:

- In Ubuntu 11.04, unity-2d users may lose the ability to view drop-down me=
nus,
context menus, and perform drag-and-drop operations in Firefox. This is a k=
nown
issue being tracked in https://launchpad.net/bugs/1020198 and may be fixed =
in a
later update.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1509-2
http://www.ubuntu.com/usn/usn-1509-1
https://launchpad.net/bugs/1024562

Package Information:
https://launchpad.net/ubuntu/+source/ubufox/2.1.1-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/ubufox/2.1.1-0ubuntu0.11.10.1
https://launchpad.net/ubuntu/+source/ubufox/2.1.1-0ubuntu0.11.04.1
https://launchpad.net/ubuntu/+source/ubufox/2.1.1-0ubuntu0.10.04.1

 

TOP

Mailings :

Exploits :