[USN-1786-2] Unity Firefox Extension update
Posted on 04 April 2013
==========================================================================
Ubuntu Security Notice USN-1786-2
April 04, 2013
unity-firefox-extension update
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
This update provides a compatible version of Unity Firefox Extension for
Firefox 20.
Software Description:
- unity-firefox-extension: Unity Integration for Firefox
Details:
USN-1786-1 fixed vulnerabilities in Firefox. This update provides the
corresponding update for Unity Firefox Extension.
Original advisory details:
Olli Pettay, Jesse Ruderman, Boris Zbarsky, Christian Holler, Milan
Sreckovic, Joe Drew, Andrew McCreight, Randell Jesup, Gary Kwong and
Mats Palmgren discovered multiple memory safety issues affecting Firefox.
If the user were tricked into opening a specially crafted page, an
attacker could possibly exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Firefox. (CVE-2013-0788, CVE-2013-0789)

Ambroz Bizjak discovered an out-of-bounds array read in the
CERT_DecodeCertPackage function of the Network Security Services (NSS)
library when decoding certain certificates. An attacker could potentially
exploit this to cause a denial of service via application crash.
(CVE-2013-0791)

Tobias Schula discovered an information leak in Firefox when the
gfx.color_management.enablev4 preference is enabled. If the user were
tricked into opening a specially crafted image, an attacker could
potentially exploit this to steal confidential data. By default, the
gfx.color_management.enablev4 preference is not enabled in Ubuntu.
(CVE-2013-0792)

Mariusz Mlynski discovered that timed history navigations could be used to
load arbitrary websites with the wrong URL displayed in the address bar. An
attacker could exploit this to conduct cross-site scripting (XSS) or
phishing attacks. (CVE-2013-0793)

It was discovered that the origin indication on tab-modal dialog boxes
could be removed, which could allow an attacker's dialog to be displayed
over another site's content. An attacker could exploit this to conduct
phishing attacks. (CVE-2013-0794)

Cody Crews discovered that the cloneNode method could be used to
bypass System Only Wrappers (SOW) to clone a protected node and bypass
same-origin policy checks. An attacker could potentially exploit this to
steal confidential data or execute code with the privileges of the user
invoking Firefox. (CVE-2013-0795)

A crash in WebGL rendering was discovered in Firefox. An attacker could
potentially exploit this to execute code with the privileges of the user
invoking Firefox. This issue only affects users with Intel graphics
drivers. (CVE-2013-0796)

Abhishek Arya discovered an out-of-bounds write in the Cairo graphics
library. An attacker could potentially exploit this to execute code with
the privileges of the user invoking Firefox. (CVE-2013-0800)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
xul-ext-unity 2.4.4-0ubuntu0.2
After a standard system update you need to restart Firefox to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1786-2
http://www.ubuntu.com/usn/usn-1786-1
https://launchpad.net/bugs/1161422
Package Information:
https://launchpad.net/ubuntu/+source/unity-firefox-extension/2.4.4-0ubuntu0.2