Ubuntu: 930-1: Firefox and Xulrunner vulnerabilities
Posted by Benjamin D. Thomas   
Ubuntu Security Notice USN-930-1              June 29, 2010
firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities
CVE-2008-5913, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196,
CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200,
CVE-2010-1201, CVE-2010-1202, CVE-2010-1203

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 10.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 8.04 LTS:
  firefox                         3.6.6+nobinonly-0ubuntu0.8.04.1

Ubuntu 10.04 LTS:
  abrowser                        3.6.6+nobinonly-0ubuntu0.10.04.1
  firefox                         3.6.6+nobinonly-0ubuntu0.10.04.1

Mozilla has changed the support model for Firefox and they no longer
support version 3.0 of the browser. As a result, Ubuntu is providing an
upgrade to Firefox 3.6 for Ubuntu 8.04 LTS users, which is the most current
stable release of Firefox supported by Mozilla. When upgrading, users
should be aware of the following:

- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use
  icedtea-java7-plugin or sun-java6-plugin instead.
- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd
  party Add-Ons. In some cases, an Add-On will not be compatible with
  Firefox 3.6.6 and have no update available. In these cases, Firefox will
  notify the user that it is disabling the Add-On.
- Upgrades to Ubuntu 8.10 from Ubuntu 8.04 LTS may break the browser.
  Ubuntu 8.10 is no longer officially supported and users are required to
  upgrade to 9.04 to receive active security support and a functional browser.
- Font configuration cannot be controlled via Gnome settings. This is a
  known issue being tracked in and will
  be fixed in a later update.
- helix-player is not currently supported in Firefox 3.6. This is a known
  issue and may be fixed in a future update.
- RealAudio via the totem plugin is no longer supported in Firefox 3.6 in
  Ubuntu 8.04 LTS. Affected users navigating to Real content will be
  prompted to install optional community supported packages.
- In Ubuntu 8.04 LTS the xine plugin is non-functional. After upgrading to
  Firefox 3.6, the plugin may cause the browser to crash, while in Firefox
  3.0 it would be silently ignored. Users are advised to uninstall
  xine-plugin and/or gxineplugin.
- Plugins using external helpers (such as Totem) may not close when using
  the Epiphany browser. This is a known issue being tracked in and will be fixed in a later update.
  This issue only affects Ubuntu 8.04 LTS.

After a standard system upgrade you need to restart Firefox and any
applications that use Xulrunner to effect the necessary changes.
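To check whether a host has actually received the fix, the package versions quoted above can be compared against what dpkg reports. The script below is an added example, not part of the advisory or of Ubuntu's tooling: it reimplements Debian's version ordering (the rules behind `dpkg --compare-versions`) so it runs offline on a constructed sample; on a real host you would feed it the output of `dpkg-query -W -f='${Package} ${Version}\n'`.

```python
import re

# Fixed versions quoted in USN-930-1, keyed by release and binary package.
FIXED = {
    "8.04": {"firefox": "3.6.6+nobinonly-0ubuntu0.8.04.1"},
    "10.04": {"firefox": "3.6.6+nobinonly-0ubuntu0.10.04.1",
              "abrowser": "3.6.6+nobinonly-0ubuntu0.10.04.1"},
}

def _order(c):  # weight of one char in a non-digit run: '~' < end of string < letters < others
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # dpkg's verrevcmp: alternate non-digit runs (compared by _order) with numeric runs
    ia = ib = 0
    while ia < len(a) or ib < len(b):
        while (ia < len(a) and not a[ia].isdigit()) or (ib < len(b) and not b[ib].isdigit()):
            oa, ob = _order(a[ia:ia + 1]), _order(b[ib:ib + 1])
            if oa != ob: return oa - ob
            ia, ib = ia + 1, ib + 1
        ma, mb = re.match(r"\d*", a[ia:]).group(), re.match(r"\d*", b[ib:]).group()
        ia, ib = ia + len(ma), ib + len(mb)
        if int(ma or 0) != int(mb or 0): return int(ma or 0) - int(mb or 0)
    return 0

def compare_versions(v1, v2):
    """Negative, zero or positive, like `dpkg --compare-versions v1 lt|eq|gt v2`."""
    def split(v):  # 'epoch:upstream-revision'; epoch and revision are optional
        epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
        upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
        return int(epoch), upstream, revision
    e1, u1, r1 = split(v1)
    e2, u2, r2 = split(v2)
    return (e1 - e2) or _cmp_fragment(u1, u2) or _cmp_fragment(r1, r2)

def missing_updates(release, installed):
    """Map each affected package still below its fixed version to (installed, required)."""
    return {pkg: (installed[pkg], fixed) for pkg, fixed in FIXED[release].items()
            if pkg in installed and compare_versions(installed[pkg], fixed) < 0}

def parse_dpkg(text):
    """Parse 'package version' lines (dpkg-query -W output) into a dict."""
    return dict(line.split(None, 1) for line in text.splitlines() if line.strip())

# Constructed sample from a hypothetical Ubuntu 8.04 host still on Firefox 3.0 (not real data)
SAMPLE = "firefox 3.0.19+nobinonly-0ubuntu0.8.04.1\nbash 3.2-0ubuntu18\n"

if __name__ == "__main__":
    for pkg, (cur, req) in missing_updates("8.04", parse_dpkg(SAMPLE)).items():
        print(f"{pkg}: installed {cur}, USN-930-1 requires {req}")
```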

Details follow:

It was discovered that Firefox could be made to access freed memory. If a
user were tricked into viewing a malicious site, a remote attacker could
cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. This issue only affected
Ubuntu 8.04 LTS. (CVE-2010-1121)

Several flaws were discovered in the browser engine of Firefox. If a
user were tricked into viewing a malicious site, a remote attacker could
cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201,
CVE-2010-1202, CVE-2010-1203)

A flaw was discovered in the way plugin instances interacted. An attacker
could potentially exploit this and use one plugin to access freed memory from a
second plugin to execute arbitrary code with the privileges of the user
invoking the program. (CVE-2010-1198)

An integer overflow was discovered in Firefox. If a user were tricked into
viewing a malicious site, an attacker could overflow a buffer and cause a
denial of service or possibly execute arbitrary code with the privileges of
the user invoking the program. (CVE-2010-1196)

Martin Barbella discovered an integer overflow in an XSLT node sorting
routine. An attacker could exploit this to overflow a buffer and cause a
denial of service or possibly execute arbitrary code with the privileges of
the user invoking the program. (CVE-2010-1199)

Michal Zalewski discovered that the focus behavior of Firefox could be
subverted. If a user were tricked into viewing a malicious site, a remote
attacker could use this to capture keystrokes. (CVE-2010-1125)

Ilja van Sprundel discovered that the 'Content-Disposition: attachment'
HTTP header was ignored when 'Content-Type: multipart' was also present.
Under certain circumstances, this could potentially lead to cross-site
scripting attacks. (CVE-2010-1197)

Amit Klein discovered that Firefox did not seed its random number generator
often enough. An attacker could exploit this to identify and track users
across different web sites. (CVE-2008-5913)

Updated packages for Ubuntu 8.04 LTS:


Updated packages for Ubuntu 10.04:


(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.