1. Ubuntu Security Notices
  2. USN-490-1

USN-490-1: Firefox vulnerabilities

Publication date

20 July 2007

Overview

Firefox vulnerabilities

Releases

Details

Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user’s privileges. (CVE-2007-3734,
CVE-2007-3735)

Flaws were discovered in the JavaScript methods addEventListener and
setTimeout which could be used to inject script into another site in
violation of the browser’s same-origin policy. A malicious web site
could exploit this to modify the contents, or steal confidential data
(such as passwords), of other web pages. (CVE-2007-3736)

Ronen Zilberman and Michal Zalewski discovered timing attacks in the
JavaScript engine’s use of about:blank frames. A malicious web site
could exploit this to modify the contents, or steal confidential data
(such as passwords), of other web pages. (

Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user’s privileges. (CVE-2007-3734,
CVE-2007-3735)

Flaws were discovered in the JavaScript methods addEventListener and
setTimeout which could be used to inject script into another site in
violation of the browser’s same-origin policy. A malicious web site
could exploit this to modify the contents, or steal confidential data
(such as passwords), of other web pages. (CVE-2007-3736)

Ronen Zilberman and Michal Zalewski discovered timing attacks in the
JavaScript engine’s use of about:blank frames. A malicious web site
could exploit this to modify the contents, or steal confidential data
(such as passwords), of other web pages. (CVE-2007-3089)

A flaw was discovered in the JavaScript event handling code. By tricking
a user into opening a malicious web page, an attacker could execute
arbitrary code with the user’s privileges. (CVE-2007-3737)

Ronald van den Heetkamp discovered that filename URLs including an encoded
null byte could confuse the extension matching code. By tricking a user
into opening a malicious web page, an attacker could execute arbitrary
helper programs. (CVE-2007-3285)

Michal Zalewski discovered flaws in the same-origin handling of cached
“wyciwyg://” documents. A malicious web site could exploit this to
modify the contents, or steal confidential data (such as passwords),
of other web pages. (CVE-2007-3656)

Various flaws were discovered in the XPCNativeWrapper method. By tricking
a user into opening a malicious web page, an attacker could execute
arbitrary code with the user’s privileges. (CVE-2007-3738).

Update instructions

After a standard system upgrade you need to restart Firefox to effect the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
7.04 feisty firefox –  2.0.0.5+1-0ubuntu1
6.10 edgy firefox –  2.0.0.5+0dfsg-0ubuntu0.6.10
6.06 dapper firefox –  1.5.dfsg+1.5.0.13~prepatch070716-0ubuntu1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›