Home / mailings [USN-1681-4] Firefox regression
Posted on 06 February 2013
Ubuntu Security==========================
==========================
========================
Ubuntu Security Notice USN-1681-4
February 05, 2013
firefox regression
==========================
==========================
========================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
USN-1681-1 introduced a regression in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-1681-1 fixed vulnerabilities in Firefox. Due to an upstream regressio=
n,
Firefox suffered from instabilities when accessing some websites. This
update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill
Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman=
,
and Julian Seward discovered multiple memory safety issues affecting
Firefox. If the user were tricked into opening a specially crafted page,=
an
attacker could possibly exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of th=
e
user invoking Firefox. (CVE-2013-0769, CVE-2013-0749, CVE-2013-0770)
Abhishek Arya discovered several user-after-free and buffer overflows in=
Firefox. An attacker could exploit these to cause a denial of service vi=
a
application crash, or potentially execute code with the privileges of th=
e
user invoking Firefox. (CVE-2013-0760, CVE-2013-0761, CVE-2013-0762,
CVE-2013-0763, CVE-2013-0766, CVE-2013-0767, CVE-2013-0771, CVE-2012-582=
9)
A stack buffer was discovered in Firefox. If the user were tricked into
opening a specially crafted page, an attacker could possibly exploit thi=
s
to cause a denial of service via application crash, or potentially execu=
te
code with the privileges of the user invoking Firefox. (CVE-2013-0768)
Masato Kinugawa discovered that Firefox did not always properly display =
URL
values in the address bar. A remote attacker could exploit this to condu=
ct
URL spoofing and phishing attacks. (CVE-2013-0759)
Atte Kettunen discovered that Firefox did not properly handle HTML table=
s
with a large number of columns and column groups. If the user were trick=
ed
into opening a specially crafted page, an attacker could exploit this to=
cause a denial of service via application crash, or potentially execute
code with the privileges of the user invoking Firefox. (CVE-2013-0744)
Jerry Baker discovered that Firefox did not always properly handle
threading when performing downloads over SSL connections. An attacker co=
uld
exploit this to cause a denial of service via application crash.
(CVE-2013-0764)
Olli Pettay and Boris Zbarsky discovered flaws in the Javacript engine o=
f
Firefox. An attacker could cause a denial of service via application cra=
sh,
or potentially execute code with the privileges of the user invoking
Firefox. (CVE-2013-0745, CVE-2013-0746)
Jesse Ruderman discovered a flaw in the way Firefox handled plugins. If=
a
user were tricked into opening a specially crafted page, a remote attack=
er
could exploit this to bypass security protections to conduct clickjackin=
g
attacks. (CVE-2013-0747)
Jesse Ruderman discovered an information leak in Firefox. An attacker co=
uld
exploit this to reveal memory address layout which could help in bypassi=
ng
ASLR protections. (CVE-2013-0748)
An integer overflow was discovered in the Javascript engine, leading to =
a
heap-based buffer overflow. If the user were tricked into opening a
specially crafted page, an attacker could possibly exploit this to execu=
te
code with the privileges of the user invoking Firefox. (CVE-2013-0750)
Sviatoslav Chagaev discovered that Firefox did not properly handle XBL
files with multiple XML bindings with SVG content. An attacker could cau=
se
a denial of service via application crash, or potentially execute code w=
ith
the privileges of the user invoking Firefox. (CVE-2013-0752)
Mariusz Mlynski discovered two flaws to gain access to privileged chrome=
functions. An attacker could possibly exploit this to execute code with =
the
privileges of the user invoking Firefox. (CVE-2013-0757, CVE-2013-0758)
Several use-after-free issues were discovered in Firefox. If the user we=
re
tricked into opening a specially crafted page, an attacker could possibl=
y
exploit this to execute code with the privileges of the user invoking
Firefox. (CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756)
Two intermediate CA certificates were mis-issued by the TURKTRUST
certificate authority. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view sensitive=
information. (CVE-2013-0743)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
firefox 18.0.2+build1-0ubuntu0.12.10.1
Ubuntu 12.04 LTS:
firefox 18.0.2+build1-0ubuntu0.12.04.1
Ubuntu 11.10:
firefox 18.0.2+build1-0ubuntu0.11.10.1
Ubuntu 10.04 LTS:
firefox 18.0.2+build1-0ubuntu0.10.04.1
After a standard system update you need to restart Firefox to make all th=
e
necessary changes.
References:
http://www.ubuntu.com/usn/usn-1681-4
http://www.ubuntu.com/usn/usn-1681-1
https://launchpad.net/bugs/1116725
Package Information:
https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.12.10=
=2E1
https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.12.04=
=2E1
https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.11.10=
=2E1
https://launchpad.net/ubuntu/+source/firefox/18.0.2+build1-0ubuntu0.10.04=
=2E1
------------
