Security-Alerts mailing list archive (email@example.com)
[security-alerts] FW: [SA28758] Mozilla Firefox Multiple Vulnerabilities
> Mozilla Firefox Multiple Vulnerabilities
> SECUNIA ADVISORY ID:
> VERIFY ADVISORY:
> Highly critical
> Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, DoS, System access
> From remote
> Mozilla Firefox 2.0.x
> Some vulnerabilities and weaknesses have been reported in Mozilla
> Firefox, which can be exploited by malicious people to disclose
> sensitive information, bypass certain security restrictions, conduct
> spoofing attacks, or to compromise a user's system.
> 1) Various errors in the browser engine can be exploited to cause a
> memory corruption.
> a memory corruption.
> Successful exploitation of these vulnerabilities may allow execution
> of arbitrary code.
> 3) A weakness is caused due to a design error within the focus
> handling and can potentially be exploited to trick a user into
> uploading arbitrary files.
> This is related to:
> same-origin policy via the "XMLDocument.load()" function.
> 6) An error exists in the handling of images when a user leaves a
> page, which uses "designMode" frames. This can be exploited to
> disclose the user's navigation history, forward navigation
> information, and to cause a memory corruption.
> Successful exploitation of this vulnerability may allow execution of
> arbitrary code.
> 7) A design error related to timer-enabled dialogs can be exploited
> to trick a user into unintentionally confirming a security dialog.
> 8) The problem is that Firefox follows "302" redirects for
> stylesheets and allows reading the target URL via
> "element.sheet.href". This can potentially be exploited to disclose
> sensitive URL parameters.
> The vulnerabilities are reported in versions prior to 126.96.36.199.
> Update to version 188.8.131.52.
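The advisory scopes itself to the Firefox 2.0.x branch and names a single fixed version, which is the pattern an administrator has to triage against an inventory of installed versions. The following Python helper is an added example for that triage step; it is not part of the Secunia advisory or of Mozilla's tooling. It compares dotted version strings component by component (so "2.0.0.9" correctly sorts below "2.0.0.10", which a plain string compare gets wrong) and only reports a host as affected when it is inside the advisory's branch and below the fixed version. The fixed-version value in the usage section is a constructed placeholder, because the version strings in this archived copy of the advisory are garbled; substitute the value from the original Secunia or Mozilla advisory.

```python
"""Dotted-version triage helper for a branch-scoped advisory (added example)."""
from typing import Tuple

# Constructed placeholders: the advisory text above gives the real values,
# but they did not survive archiving intact, so these are illustrative only.
ADVISORY_BRANCH = "2.0.x"
FIXED_VERSION_PLACEHOLDER = "2.0.0.99"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.0.0.11' into (2, 0, 0, 11).

    Each component keeps only its leading digits, so a suffix such as
    '2.0.0.11pre' still parses; parsing stops at the first component
    with no leading digits.
    """
    parts = []
    for component in version.strip().split("."):
        digits = ""
        for ch in component:
            if not ch.isdigit():
                break
            digits += ch
        if not digits:
            break
        parts.append(int(digits))
    return tuple(parts)


def _pad(a: Tuple[int, ...], b: Tuple[int, ...]):
    """Right-pad the shorter tuple with zeros so '2.0' compares as '2.0.0.0'."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))


def in_branch(installed: str, branch: str) -> bool:
    """True if the installed version is inside a branch written like '2.0.x'.

    Only the numeric prefix before the 'x' has to match.
    """
    prefix = tuple(int(p) for p in branch.split(".") if p != "x")
    return parse_version(installed)[: len(prefix)] == prefix


def is_affected(installed: str, branch: str, fixed: str) -> bool:
    """True if the installed version is in the advisory's branch and older
    than the fixed version.

    A host outside the branch returns False, which means 'out of this
    advisory's scope', not 'safe'; unsupported older branches need their
    own assessment.
    """
    if not in_branch(installed, branch):
        return False
    have, want = _pad(parse_version(installed), parse_version(fixed))
    return have < want


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = {"ws-01": "2.0.0.9", "ws-02": "2.0.0.99", "ws-03": "1.5.0.12"}
    for host, version in inventory.items():
        status = is_affected(version, ADVISORY_BRANCH, FIXED_VERSION_PLACEHOLDER)
        print(f"{host}: Firefox {version} -> {'AFFECTED' if status else 'not affected / out of scope'}")
```

Feed it the fixed version from the original advisory and the output of your software inventory; anything reported as affected on the 2.0.x branch should be scheduled for the update the advisory calls for.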
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits:
> 1) Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren, and
> Paul Nickerson
> 2) Carsten Book, Wesley Garland, Igor Bukanov, moz_bug_r_a4,
> shutdown, Philip Taylor, and tgirmann
> 3) hong and Gregory Fleisher
> 4) moz_bug_r_a4 and Boris Zbarsky
> 5) moz_bug_r_a4
> 6) David Bloom
> 7) Michal Zalewski
> 8) Martin Straka
> ORIGINAL ADVISORY:
> Mozilla Foundation:
> OTHER REFERENCES: