USN-592-1: Firefox vulnerabilities

26 March 2008

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06 LTS

Software Description

  • firefox

Details

Alexey Proskuryakov, Yosuke Hasegawa and Simon Montagu discovered flaws in Firefox’s character encoding handling. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. (CVE-2008-0416)

Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious web page, an attacker could escalate privileges within the browser, perform cross-site scripting attacks and/or execute arbitrary code with the user’s privileges. (CVE-2008-1233, CVE-2008-1234, CVE-2008-1235)

Several problems were discovered in Firefox which could lead to crashes and memory corruption. If a user were tricked into opening a malicious web page, an attacker may be able to execute arbitrary code with the user’s privileges. (CVE-2008-1236, CVE-2008-1237)

Gregory Fleischer discovered Firefox did not properly process HTTP Referrer headers when they were sent with with requests to URLs containing Basic Authentication credentials with empty usernames. An attacker could exploit this vulnerability to perform cross-site request forgery attacks. (CVE-2008-1238)

Peter Brodersen and Alexander Klink reported that default the setting in Firefox for SSL Client Authentication allowed for users to be tracked via their client certificate. The default has been changed to prompt the user each time a website requests a client certificate. (CVE-2007-4879)

Gregory Fleischer discovered that web content fetched via the jar protocol could use Java LiveConnect to connect to arbitrary ports on the user’s machine due to improper parsing in the Java plugin. If a user were tricked into opening malicious web content, an attacker may be able to access services running on the user’s machine. (CVE-2008-1195, CVE-2008-1240)

Chris Thomas discovered that Firefox would allow an XUL popup from an unselected tab to display in front of the selected tab. An attacker could exploit this behavior to spoof a login prompt and steal the user’s credentials. (CVE-2008-1241)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.10
firefox - 2.0.0.13+1nobinonly-0ubuntu0.7.10
Ubuntu 7.04
firefox - 2.0.0.13+0nobinonly-0ubuntu0.7.4
Ubuntu 6.10
firefox - 2.0.0.13+0nobinonly-0ubuntu0.6.10
Ubuntu 6.06 LTS
firefox - 1.5.dfsg+1.5.0.15~prepatch080323a-0ubuntu1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system upgrade you need to restart firefox to effect the necessary changes.

References