Gentoo Archives: gentoo-announce

From: Raphael Marichez <falco@g.o>
To: gentoo-announce@g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200703-04 ] Mozilla Firefox: Multiple vulnerabilities
Date: Fri, 02 Mar 2007 23:30:43
Message-Id: 20070302231315.GA16853@falco.falcal.net

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200703-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Mozilla Firefox: Multiple vulnerabilities
      Date: March 02, 2007
      Bugs: #165555
        ID: 200703-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Mozilla Firefox, some of
which may allow user-assisted arbitrary remote code execution.

Background
==========

Mozilla Firefox is a popular open-source web browser from the Mozilla
Project.

Affected packages
=================

    -------------------------------------------------------------------
     Package                         /  Vulnerable  /       Unaffected
    -------------------------------------------------------------------
  1  www-client/mozilla-firefox          < 2.0.0.2        *>= 1.5.0.10
                                                            >= 2.0.0.2
  2  www-client/mozilla-firefox-bin      < 2.0.0.2        *>= 1.5.0.10
                                                            >= 2.0.0.2
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Tom Ferris reported a heap-based buffer overflow involving wide SVG
stroke widths that affects Mozilla Firefox 2 only. Various researchers
reported some errors in the JavaScript engine potentially leading to
memory corruption. Mozilla Firefox also contains minor vulnerabilities
involving cache collision and unsafe pop-up restrictions, filtering or
CSS rendering under certain conditions.

Impact
======

An attacker could entice a user to view a specially crafted web page
that will trigger one of the vulnerabilities, possibly leading to the
execution of arbitrary code. It is also possible for an attacker to
spoof the address bar, steal information through cache collision,
bypass the local files protection mechanism with pop-ups, or perform
cross-site scripting attacks, leading to the exposure of sensitive
information, like user credentials.

Workaround
==========

There is no known workaround at this time for all of these issues, but
most of them can be avoided by disabling JavaScript.

Resolution
==========

Users upgrading to the following releases of Mozilla Firefox should
note that this upgrade has been found to lose the saved passwords file
in some cases. The saved passwords are encrypted and stored in the
'signons.txt' file of ~/.mozilla/ and we advise our users to save that
file before performing the upgrade.

All Mozilla Firefox 1.5 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.10"

All Mozilla Firefox 1.5 binary users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.10"

All Mozilla Firefox 2.0 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-2.0.0.2"

All Mozilla Firefox 2.0 binary users should upgrade to the latest
version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-2.0.0.2"

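The backup step advised in the Resolution section, as an added example that is not part of the Gentoo advisory: a POSIX shell function that copies every signons.txt found under ~/.mozilla into a private backup directory and verifies each copy before the upgrade is run. The function name backup_signons and the backup directory name are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the advisory): back up saved-password files
# before running the emerge commands from the Resolution section.
# backup_signons [MOZ_DIR] [BACKUP_DIR]
#   prints the number of verified copies; non-zero status if none were
#   found or any copy failed. Names and layout are assumptions.
backup_signons() {
    moz_dir=${1:-"$HOME/.mozilla"}
    backup_dir=${2:-"$HOME/signons-backup-$(date +%Y%m%d%H%M%S)"}
    [ -d "$moz_dir" ] || { echo "no such directory: $moz_dir" >&2; return 1; }

    old_umask=$(umask)
    umask 077                      # new backup directories: owner access only
    list=$(mktemp) || { umask "$old_umask"; return 1; }
    find "$moz_dir" -type f -name signons.txt > "$list"

    count=0
    failed=0
    while IFS= read -r src; do
        rel=${src#"$moz_dir"/}     # keep the profile path so copies do not collide
        dest="$backup_dir/$rel"
        # cp -p preserves the file's mode and timestamps; cmp confirms the copy
        if mkdir -p "$(dirname "$dest")" && cp -p "$src" "$dest" \
            && cmp -s "$src" "$dest"; then
            count=$((count + 1))
        else
            echo "backup failed: $src" >&2
            failed=1
        fi
    done < "$list"

    rm -f "$list"
    umask "$old_umask"
    echo "$count"
    [ "$failed" -eq 0 ] && [ "$count" -gt 0 ]
}

# Usage, as the user who owns the profile, before the root emerge step:
#   backup_signons "$HOME/.mozilla" "$HOME/signons-backup"
```

A non-zero exit status means no signons.txt was found or a copy did not verify, so the upgrade should wait until that is resolved.
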
References
==========

  [ 1 ] CVE-2006-6077
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
  [ 2 ] CVE-2007-0775
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775
  [ 3 ] CVE-2007-0776
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776
  [ 4 ] CVE-2007-0777
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777
  [ 5 ] CVE-2007-0778
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778
  [ 6 ] CVE-2007-0779
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779
  [ 7 ] CVE-2007-0780
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780
  [ 8 ] CVE-2007-0800
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800
  [ 9 ] CVE-2007-0801
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801
  [ 10 ] CVE-2007-0981
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981
  [ 11 ] CVE-2007-0995
         http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
  [ 12 ] Mozilla password loss bug
         https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200703-04.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@g.o or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5