Home / mailingsPDF  

[USN-1681-1] Firefox vulnerabilities

Posted on 09 January 2013
Ubuntu Security

==========================
==========================
========================
Ubuntu Security Notice USN-1681-1
January 09, 2013

firefox vulnerabilities
==========================
==========================
========================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill
Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman,=

and Julian Seward discovered multiple memory safety issues affecting
Firefox. If the user were tricked into opening a specially crafted page, =
an
attacker could possibly exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of the=

user invoking Firefox. (CVE-2013-0769, CVE-2013-0749, CVE-2013-0770)

Abhishek Arya discovered several user-after-free and buffer overflows in
Firefox. An attacker could exploit these to cause a denial of service via=

application crash, or potentially execute code with the privileges of the=

user invoking Firefox. (CVE-2013-0760, CVE-2013-0761, CVE-2013-0762,
CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771, CVE-2012-5829=
)

A stack buffer was discovered in Firefox. If the user were tricked into
opening a specially crafted page, an attacker could possibly exploit this=

to cause a denial of service via application crash, or potentially execut=
e
code with the privileges of the user invoking Firefox. (CVE-2013-0768)

Masato Kinugawa discovered that Firefox did not always properly display U=
RL
values in the address bar. A remote attacker could exploit this to conduc=
t
URL spoofing and phishing attacks. (CVE-2013-0759)

Atte Kettunen discovered that Firefox did not properly handle HTML tables=

with a large number of columns and column groups. If the user were tricke=
d
into opening a specially crafted page, an attacker could exploit this to
cause a denial of service via application crash, or potentially execute
code with the privileges of the user invoking Firefox. (CVE-2013-0744)

Jerry Baker discovered that Firefox did not always properly handle
threading when performing downloads over SSL connections. An attacker cou=
ld
exploit this to cause a denial of service via application crash.
(CVE-2013-0764)

Olli Pettay and Boris Zbarsky discovered flaws in the Javacript engine of=

Firefox. An attacker could cause a denial of service via application cras=
h,
or potentially execute code with the privileges of the user invoking
Firefox. (CVE-2013-0745, CVE-2013-0746)

Jesse Ruderman discovered a flaw in the way Firefox handled plugins. If =
a
user were tricked into opening a specially crafted page, a remote attacke=
r
could exploit this to bypass security protections to conduct clickjacking=

attacks. (CVE-2013-0747)

Jesse Ruderman discovered an information leak in Firefox. An attacker cou=
ld
exploit this to reveal memory address layout which could help in bypassin=
g
ASLR protections. (CVE-2013-0748)

An integer overflow was discovered in the Javascript engine, leading to a=

heap-based buffer overflow. If the user were tricked into opening a
specially crafted page, an attacker could possibly exploit this to execut=
e
code with the privileges of the user invoking Firefox. (CVE-2013-0750)

Sviatoslav Chagaev discovered that Firefox did not properly handle XBL
files with multiple XML bindings with SVG content. An attacker could caus=
e
a denial of service via application crash, or potentially execute code wi=
th
the privileges of the user invoking Firefox. (CVE-2013-0752)

Mariusz Mlynski discovered two flaws to gain access to privileged chrome
functions. An attacker could possibly exploit this to execute code with t=
he
privileges of the user invoking Firefox. (CVE-2013-0757, CVE-2013-0758)

Several use-after-free issues were discovered in Firefox. If the user wer=
e
tricked into opening a specially crafted page, an attacker could possibly=

exploit this to execute code with the privileges of the user invoking
Firefox. (CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756)

Two intermediate CA certificates were mis-issued by the TURKTRUST
certificate authority. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view sensitive
information. (CVE-2013-0743)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
firefox 18.0+build1-0ubuntu0.12.10.3

Ubuntu 12.04 LTS:
firefox 18.0+build1-0ubuntu0.12.04.3

Ubuntu 11.10:
firefox 18.0+build1-0ubuntu0.11.10.3

Ubuntu 10.04 LTS:
firefox 18.0+build1-0ubuntu0.10.04.3

After a standard system update you need to restart Firefox to make all th=
e
necessary changes.

References:
http://www.ubuntu.com/usn/usn-1681-1
CVE-2012-5829, CVE-2013-0743, CVE-2013-0744, CVE-2013-0745,
CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0749,
CVE-2013-0750, CVE-2013-0752, CVE-2013-0753, CVE-2013-0754,
CVE-2013-0755, CVE-2013-0756, CVE-2013-0757, CVE-2013-0758,
CVE-2013-0759, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762,
CVE-2013-0763, CVE-2013-0764, CVE-2013-0766, CVE-2013-0767,
CVE-2013-0768, CVE-2013-0769, CVE-2013-0770, CVE-2013-0771,
https://launchpad.net/bugs/1096387

Package Information:
https://launchpad.net/ubuntu/+source/firefox/18.0+build1-0ubuntu0.12.10=
=2E3
https://launchpad.net/ubuntu/+source/firefox/18.0+build1-0ubuntu0.12.04=
=2E3
https://launchpad.net/ubuntu/+source/firefox/18.0+build1-0ubuntu0.11.10=
=2E3
https://launchpad.net/ubuntu/+source/firefox/18.0+build1-0ubuntu0.10.04=
=2E3





------------

 

TOP

Mailings :

Exploits :