[USN-1729-1] Firefox vulnerabilities

Posted on 20 February 2013
Ubuntu Security

============================================================================
Ubuntu Security Notice USN-1729-1
February 20, 2013

firefox vulnerabilities
============================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS

Summary:

Firefox could be made to crash or run programs as your login if it opened a
malicious website.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Olli Pettay, Christoph Diehl, Gary Kwong, Jesse Ruderman, Andrew McCreight,
Joe Drew, Wayne Mery, Alon Zakai, Christian Holler, Gary Kwong, Luke
Wagner, Terrence Cole, Timothy Nikkel, Bill McCloskey, and Nicolas Pierron
discovered multiple memory safety issues affecting Firefox. If the user
were tricked into opening a specially crafted page, an attacker could
possibly exploit these to cause a denial of service via application crash.
(CVE-2013-0783, CVE-2013-0784)

Atte Kettunen discovered that Firefox could perform an out-of-bounds read
while rendering GIF format images. An attacker could exploit this to crash
Firefox. (CVE-2013-0772)

Boris Zbarsky discovered that Firefox did not properly handle some wrapped
WebIDL objects. If the user were tricked into opening a specially crafted
page, an attacker could possibly exploit this to cause a denial of service
via application crash, or potentially execute code with the privileges of
the user invoking Firefox. (CVE-2013-0765)

Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and
System Only Wrappers (SOW). If a user were tricked into opening a specially
crafted page, a remote attacker could exploit this to bypass security
protections to obtain sensitive information or potentially execute code
with the privileges of the user invoking Firefox. (CVE-2013-0773)

Frederik Braun discovered that Firefox made the location of the active
browser profile available to JavaScript workers. (CVE-2013-0774)

A use-after-free vulnerability was discovered in Firefox. An attacker could
potentially exploit this to execute code with the privileges of the user
invoking Firefox. (CVE-2013-0775)

Michal Zalewski discovered that Firefox would not always show the correct
address when cancelling a proxy authentication prompt. A remote attacker
could exploit this to conduct URL spoofing and phishing attacks.
(CVE-2013-0776)

Abhishek Arya discovered several problems related to memory handling. If
the user were tricked into opening a specially crafted page, an attacker
could possibly exploit these to cause a denial of service via application
crash, or potentially execute code with the privileges of the user invoking
Firefox. (CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780,
CVE-2013-0781, CVE-2013-0782)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
firefox 19.0+build1-0ubuntu0.12.10.1

Ubuntu 12.04 LTS:
firefox 19.0+build1-0ubuntu0.12.04.1

Ubuntu 11.10:
firefox 19.0+build1-0ubuntu0.11.10.1

Ubuntu 10.04 LTS:
firefox 19.0+build1-0ubuntu0.10.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.
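
One way to check a host against the fixed versions listed above, as an
added example that is not part of the Ubuntu notice. The function names
are this example's own; the version comparison is done by dpkg itself.

```bash
#!/usr/bin/env bash
# Added example: compare a firefox package version with the fixed versions
# listed in USN-1729-1. Function names are this example's own.

# Fixed version per Ubuntu release, copied from the notice.
usn_1729_fixed_version() {
    case "$1" in
        12.10) echo "19.0+build1-0ubuntu0.12.10.1" ;;
        12.04) echo "19.0+build1-0ubuntu0.12.04.1" ;;
        11.10) echo "19.0+build1-0ubuntu0.11.10.1" ;;
        10.04) echo "19.0+build1-0ubuntu0.10.04.1" ;;
        *) return 1 ;;
    esac
}

# usn_1729_status RELEASE INSTALLED_VERSION
# Prints one of: patched, vulnerable, not-installed, release-not-listed.
usn_1729_status() {
    local release="$1"
    local installed="$2"
    local fixed
    if ! fixed="$(usn_1729_fixed_version "$release")"; then
        echo "release-not-listed"
        return 0
    fi
    if [ -z "$installed" ]; then
        echo "not-installed"
    elif dpkg --compare-versions "$installed" ge "$fixed"; then
        echo "patched"
    else
        echo "vulnerable"
    fi
}

# Check the local machine: release from lsb_release, version from dpkg-query.
# Only a fully installed package counts (not one removed with config left).
usn_1729_check_host() {
    local release
    local installed
    release="$(lsb_release -rs)"
    installed="$(dpkg-query -W -f='${Status} ${Version}' firefox 2>/dev/null |
        sed -n 's/^install ok installed //p')"
    echo "firefox ${installed:-<none>} on Ubuntu ${release}: $(usn_1729_status "$release" "$installed")"
}

# Run the host check only when asked, so the file can also be sourced.
if [ "${1:-}" = "--host" ]; then
    usn_1729_check_host
fi
```

A "patched" result only describes the package on disk; a Firefox process
started before the update keeps running the old code until it is restarted.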

References:
http://www.ubuntu.com/usn/usn-1729-1
CVE-2013-0765, CVE-2013-0772, CVE-2013-0773, CVE-2013-0774,
CVE-2013-0775, CVE-2013-0776, CVE-2013-0777, CVE-2013-0778,
CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782,
CVE-2013-0783, CVE-2013-0784, https://launchpad.net/bugs/1128883

Package Information:
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.11.10.1
https://launchpad.net/ubuntu/+source/firefox/19.0+build1-0ubuntu0.10.04.1
