glsa-200509-11.xml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

<glsa id="200509-11">
  <title>Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities</title>
  <synopsis>
    Mozilla Suite and Firefox are vulnerable to multiple issues, including some
    that might be exploited to execute arbitrary code.
  </synopsis>
  <product type="ebuild">mozilla</product>
  <announced>September 18, 2005</announced>
  <revised>September 29, 2005: 02</revised>
  <bug>105396</bug>
  <access>remote</access>
  <affected>
    <package name="www-client/mozilla-firefox" auto="yes" arch="*">
      <unaffected range="ge">1.0.7-r2</unaffected>
      <vulnerable range="lt">1.0.7-r2</vulnerable>
    </package>
    <package name="www-client/mozilla" auto="yes" arch="*">
      <unaffected range="ge">1.7.12-r2</unaffected>
      <vulnerable range="lt">1.7.12-r2</vulnerable>
    </package>
    <package name="www-client/mozilla-firefox-bin" auto="yes" arch="*">
      <unaffected range="ge">1.0.7</unaffected>
      <vulnerable range="lt">1.0.7</vulnerable>
    </package>
    <package name="www-client/mozilla-bin" auto="yes" arch="*">
      <unaffected range="ge">1.7.12</unaffected>
      <vulnerable range="lt">1.7.12</vulnerable>
    </package>
    <package name="net-libs/gecko-sdk" auto="yes" arch="*">
      <unaffected range="ge">1.7.12</unaffected>
      <vulnerable range="lt">1.7.12</vulnerable>
    </package>
  </affected>
  <background>
    <p>
    The Mozilla Suite is a popular all-in-one web browser that includes a
    mail and news reader. Mozilla Firefox is the next-generation browser
    from the Mozilla project. Gecko is the layout engine used in both
    products.
    </p>
  </background>
  <description>
    <p>
    The Mozilla Suite and Firefox are both vulnerable to the following
    issues:
    </p>
    <ul>
    <li>Tom Ferris reported a heap overflow in IDN-enabled browsers with
    malicious Host: headers (CAN-2005-2871).</li>
    <li>"jackerror" discovered a heap overrun in XBM image processing
    (CAN-2005-2701).</li>
    <li>Mats Palmgren reported a potentially exploitable stack corruption
    using specific Unicode sequences (CAN-2005-2702).</li>
    <li>Georgi Guninski discovered an integer overflow in the JavaScript
    engine (CAN-2005-2705)</li>
    <li>Other issues ranging from DOM object spoofing to request header
    spoofing were also found and fixed in the latest versions
    (CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707).</li>
    </ul>
    <p>
    The Gecko engine in itself is also affected by some of these issues and
    has been updated as well.
    </p>
  </description>
  <impact type="normal">
    <p>
    A remote attacker could setup a malicious site and entice a victim to
    visit it, potentially resulting in arbitrary code execution with the
    victim's privileges or facilitated spoofing of known websites.
    </p>
  </impact>
  <workaround>
    <p>
    There is no known workaround for all the issues.
    </p>
  </workaround>
  <resolution>
    <p>
    All Mozilla Firefox users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-client/mozilla-firefox-1.0.7-r2&quot;</code>
    <p>
    All Mozilla Suite users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-client/mozilla-1.7.12-r2&quot;</code>
    <p>
    All Mozilla Firefox binary users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-client/mozilla-firefox-bin-1.0.7&quot;</code>
    <p>
    All Mozilla Suite binary users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-client/mozilla-bin-1.7.12&quot;</code>
    <p>
    All Gecko library users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=net-libs/gecko-sdk-1.7.12&quot;</code>
    <p>
    
    </p>
  </resolution>
  <references>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701">CAN-2005-2701</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702">CAN-2005-2702</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703">CAN-2005-2703</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704">CAN-2005-2704</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705">CAN-2005-2705</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706">CAN-2005-2706</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707">CAN-2005-2707</uri>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2871">CAN-2005-2871</uri>
    <uri link="http://www.mozilla.org/projects/security/known-vulnerabilities.html">Mozilla Foundation Security Advisories</uri>
  </references>
  <metadata tag="submitter" timestamp="Thu, 15 Sep 2005 12:38:09 +0000">
    koon
  </metadata>
  <metadata tag="bugReady" timestamp="Sun, 18 Sep 2005 09:17:15 +0000">
    koon
  </metadata>
</glsa>