[gentoo-announce] UPDATE: [ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] UPDATE: [ GLSA 200509-11 ] Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities
Date:	Fri, 30 Sep 2005 21:08:35
Message-Id:	`433DA52E.9040705@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory [UPDATE]               GLSA 200509-11:02

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities

9

      Date: September 18, 2005

10

   Updated: September 29, 2005

11

      Bugs: #105396

12

        ID: 200509-11:02

13

14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

15

16

Update

17

======

18

19

This advisory was originally released to fix the heap overflow in IDN

20

headers. However, the official fixed release included several other

21

security fixes as well.

22

23

The updated sections appear below.

24

25

Synopsis

26

========

27

28

Mozilla Suite and Firefox are vulnerable to multiple issues, including

29

some that might be exploited to execute arbitrary code.

30

31

Background

32

==========

33

34

The Mozilla Suite is a popular all-in-one web browser that includes a

35

mail and news reader. Mozilla Firefox is the next-generation browser

36

from the Mozilla project. Gecko is the layout engine used in both

37

products.

38

39

Affected packages

40

=================

41

42

    -------------------------------------------------------------------

43

     Package                         /   Vulnerable   /     Unaffected

44

    -------------------------------------------------------------------

45

  1  www-client/mozilla-firefox          < 1.0.7-r2        >= 1.0.7-r2

46

  2  www-client/mozilla                  < 1.7.12-r2      >= 1.7.12-r2

47

  3  www-client/mozilla-firefox-bin        < 1.0.7            >= 1.0.7

48

  4  www-client/mozilla-bin               < 1.7.12           >= 1.7.12

49

  5  net-libs/gecko-sdk                   < 1.7.12           >= 1.7.12

50

    -------------------------------------------------------------------

51

     5 affected packages on all of their supported architectures.

52

    -------------------------------------------------------------------

53

54

Description

55

===========

56

57

The Mozilla Suite and Firefox are both vulnerable to the following

58

issues:

59

60

* Tom Ferris reported a heap overflow in IDN-enabled browsers with

61

  malicious Host: headers (CAN-2005-2871).

62

63

* "jackerror" discovered a heap overrun in XBM image processing

64

  (CAN-2005-2701).

65

66

* Mats Palmgren reported a potentially exploitable stack corruption

67

  using specific Unicode sequences (CAN-2005-2702).

68

69

* Georgi Guninski discovered an integer overflow in the JavaScript

70

  engine (CAN-2005-2705)

71

72

* Other issues ranging from DOM object spoofing to request header

73

  spoofing were also found and fixed in the latest versions

74

  (CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707).

75

76

The Gecko engine in itself is also affected by some of these issues and

77

has been updated as well.

78

79

Impact

80

======

81

82

A remote attacker could setup a malicious site and entice a victim to

83

visit it, potentially resulting in arbitrary code execution with the

84

victim's privileges or facilitated spoofing of known websites.

85

86

Workaround

87

==========

88

89

There is no known workaround for all the issues.

90

91

Resolution

92

==========

93

94

All Mozilla Firefox users should upgrade to the latest version:

95

96

    # emerge --sync

97

    # emerge --ask --oneshot --verbose

98

">=www-client/mozilla-firefox-1.0.7-r2"

99

100

All Mozilla Suite users should upgrade to the latest version:

101

102

    # emerge --sync

103

    # emerge --ask --oneshot --verbose ">=www-client/mozilla-1.7.12-r2"

104

105

All Mozilla Firefox binary users should upgrade to the latest version:

106

107

    # emerge --sync

108

    # emerge --ask --oneshot --verbose

109

">=www-client/mozilla-firefox-bin-1.0.7"

110

111

All Mozilla Suite binary users should upgrade to the latest version:

112

113

    # emerge --sync

114

    # emerge --ask --oneshot --verbose ">=www-client/mozilla-bin-1.7.12"

115

116

All Gecko library users should upgrade to the latest version:

117

118

    # emerge --sync

119

    # emerge --ask --oneshot --verbose ">=net-libs/gecko-sdk-1.7.12"

120

121

References

122

==========

123

124

  [ 1 ] CAN-2005-2701

125

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701

126

  [ 2 ] CAN-2005-2702

127

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702

128

  [ 3 ] CAN-2005-2703

129

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703

130

  [ 4 ] CAN-2005-2704

131

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704

132

  [ 5 ] CAN-2005-2705

133

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705

134

  [ 6 ] CAN-2005-2706

135

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706

136

  [ 7 ] CAN-2005-2707

137

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707

138

  [ 8 ] CAN-2005-2871

139

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2871

140

  [ 9 ] Mozilla Foundation Security Advisories

141

        http://www.mozilla.org/projects/security/known-vulnerabilities.html

142

143

Availability

144

============

145

146

This GLSA and any updates to it are available for viewing at

147

the Gentoo Security Website:

148

149

  http://security.gentoo.org/glsa/glsa-200509-11.xml

150

151

Concerns?

152

=========

153

154

Security is a primary focus of Gentoo Linux and ensuring the

155

confidentiality and security of our users machines is of utmost

156

importance to us. Any security concerns should be addressed to

157

security@g.o or alternatively, you may file a bug at

158

http://bugs.gentoo.org.

159

160

License

161

=======

162

163

Copyright 2005 Gentoo Foundation, Inc; referenced text

164

belongs to its owner(s).

165

166

The contents of this document are licensed under the

167

Creative Commons - Attribution / Share Alike license.

168

169

http://creativecommons.org/licenses/by-sa/2.0

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory [UPDATE] GLSA 200509-11:02
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities
9	Date: September 18, 2005
10	Updated: September 29, 2005
11	Bugs: #105396
12	ID: 200509-11:02
13
14	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16	Update
17	======
18
19	This advisory was originally released to fix the heap overflow in IDN
20	headers. However, the official fixed release included several other
21	security fixes as well.
22
23	The updated sections appear below.
24
25	Synopsis
26	========
27
28	Mozilla Suite and Firefox are vulnerable to multiple issues, including
29	some that might be exploited to execute arbitrary code.
30
31	Background
32	==========
33
34	The Mozilla Suite is a popular all-in-one web browser that includes a
35	mail and news reader. Mozilla Firefox is the next-generation browser
36	from the Mozilla project. Gecko is the layout engine used in both
37	products.
38
39	Affected packages
40	=================
41
42	-------------------------------------------------------------------
43	Package / Vulnerable / Unaffected
44	-------------------------------------------------------------------
45	1 www-client/mozilla-firefox < 1.0.7-r2 >= 1.0.7-r2
46	2 www-client/mozilla < 1.7.12-r2 >= 1.7.12-r2
47	3 www-client/mozilla-firefox-bin < 1.0.7 >= 1.0.7
48	4 www-client/mozilla-bin < 1.7.12 >= 1.7.12
49	5 net-libs/gecko-sdk < 1.7.12 >= 1.7.12
50	-------------------------------------------------------------------
51	5 affected packages on all of their supported architectures.
52	-------------------------------------------------------------------
53
54	Description
55	===========
56
57	The Mozilla Suite and Firefox are both vulnerable to the following
58	issues:
59
60	* Tom Ferris reported a heap overflow in IDN-enabled browsers with
61	malicious Host: headers (CAN-2005-2871).
62
63	* "jackerror" discovered a heap overrun in XBM image processing
64	(CAN-2005-2701).
65
66	* Mats Palmgren reported a potentially exploitable stack corruption
67	using specific Unicode sequences (CAN-2005-2702).
68
69	* Georgi Guninski discovered an integer overflow in the JavaScript
70	engine (CAN-2005-2705)
71
72	* Other issues ranging from DOM object spoofing to request header
73	spoofing were also found and fixed in the latest versions
74	(CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707).
75
76	The Gecko engine in itself is also affected by some of these issues and
77	has been updated as well.
78
79	Impact
80	======
81
82	A remote attacker could setup a malicious site and entice a victim to
83	visit it, potentially resulting in arbitrary code execution with the
84	victim's privileges or facilitated spoofing of known websites.
85
86	Workaround
87	==========
88
89	There is no known workaround for all the issues.
90
91	Resolution
92	==========
93
94	All Mozilla Firefox users should upgrade to the latest version:
95
96	# emerge --sync
97	# emerge --ask --oneshot --verbose
98	">=www-client/mozilla-firefox-1.0.7-r2"
99
100	All Mozilla Suite users should upgrade to the latest version:
101
102	# emerge --sync
103	# emerge --ask --oneshot --verbose ">=www-client/mozilla-1.7.12-r2"
104
105	All Mozilla Firefox binary users should upgrade to the latest version:
106
107	# emerge --sync
108	# emerge --ask --oneshot --verbose
109	">=www-client/mozilla-firefox-bin-1.0.7"
110
111	All Mozilla Suite binary users should upgrade to the latest version:
112
113	# emerge --sync
114	# emerge --ask --oneshot --verbose ">=www-client/mozilla-bin-1.7.12"
115
116	All Gecko library users should upgrade to the latest version:
117
118	# emerge --sync
119	# emerge --ask --oneshot --verbose ">=net-libs/gecko-sdk-1.7.12"
120
121	References
122	==========
123
124	[ 1 ] CAN-2005-2701
125	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701
126	[ 2 ] CAN-2005-2702
127	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702
128	[ 3 ] CAN-2005-2703
129	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703
130	[ 4 ] CAN-2005-2704
131	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704
132	[ 5 ] CAN-2005-2705
133	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705
134	[ 6 ] CAN-2005-2706
135	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706
136	[ 7 ] CAN-2005-2707
137	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707
138	[ 8 ] CAN-2005-2871
139	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2871
140	[ 9 ] Mozilla Foundation Security Advisories
141	http://www.mozilla.org/projects/security/known-vulnerabilities.html
142
143	Availability
144	============
145
146	This GLSA and any updates to it are available for viewing at
147	the Gentoo Security Website:
148
149	http://security.gentoo.org/glsa/glsa-200509-11.xml
150
151	Concerns?
152	=========
153
154	Security is a primary focus of Gentoo Linux and ensuring the
155	confidentiality and security of our users machines is of utmost
156	importance to us. Any security concerns should be addressed to
157	security@g.o or alternatively, you may file a bug at
158	http://bugs.gentoo.org.
159
160	License
161	=======
162
163	Copyright 2005 Gentoo Foundation, Inc; referenced text
164	belongs to its owner(s).
165
166	The contents of this document are licensed under the
167	Creative Commons - Attribution / Share Alike license.
168
169	http://creativecommons.org/licenses/by-sa/2.0