Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities
Last Update Date:
15 Mar 2012 15:01
Release Date:
15 Mar 2012
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
1. Use-after-free errors exist in shlwapi.dll when closing a child window that uses the file open dialog, and in the "nsSMILTimeValueSpec::ConvertBetweenTimeContainers()" function when handling certain SVG animations.
2. An error when handling certain drag and drop actions together with Content Security Policy headers can be exploited to conduct cross-site scripting attacks.
3. An out-of-bounds read error in SVG filters can be exploited to disclose certain data.
4. An error when handling a "javascript:" URL set as the home page can be exploited to execute script code in the "about:sessionrestore" context.
5. An unspecified error exists when accessing a keyframe's cssText after dynamic modification.
6. The window.fullScreen property does not properly enforce the mozRequestFullscreen policy, which can be exploited to bypass the policy and spoof certain content.
7. Multiple unspecified errors can be exploited to corrupt memory.
Successful exploitation of vulnerabilities 1, 4, 5 and 7 may allow execution of arbitrary code.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Mozilla Firefox 3.6.x / 10.x
- Mozilla Thunderbird 3.1.x / 10.x
- Mozilla SeaMonkey 2.x
Solutions
Before installing the software, please visit the software manufacturer's web site for more details.
- Update to Firefox versions 11.0 or 10.0.3, Thunderbird versions 11.0 or 10.0.3, and SeaMonkey version 2.8.
- Update to Firefox version 3.6.28 and Thunderbird version 3.1.20.
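As an added example (not part of the advisory), the following inventory check encodes the fixed versions from the Solutions section above and reports whether an installed version is still affected. The product keys, the version-string parsing, and the "not listed" outcome for release lines the advisory does not name are assumptions of the example.

```python
import itertools

# Fixed versions per maintained branch, taken from the Solutions section above.
# Branch prefix -> first fixed version on that branch.
FIXED_ON_BRANCH = {
    "firefox":     {(3, 6): (3, 6, 28), (10,): (10, 0, 3)},
    "thunderbird": {(3, 1): (3, 1, 20), (10,): (10, 0, 3)},
    "seamonkey":   {(2,): (2, 8)},
}
# Current release per product (Firefox 11.0, Thunderbird 11.0, SeaMonkey 2.8);
# anything at or above it is treated as fixed.
CURRENT_RELEASE = {"firefox": (11, 0), "thunderbird": (11, 0), "seamonkey": (2, 8)}


def parse_version(text):
    """Turn '10.0.2', '3.6.27esr' or '11' into a tuple of ints (suffixes dropped)."""
    parts = []
    for piece in text.strip().split("."):
        digits = "".join(itertools.takewhile(str.isdigit, piece))
        if not digits:
            raise ValueError("unparseable version component: %r" % piece)
        parts.append(int(digits))
    return tuple(parts)


def _ge(a, b):
    """a >= b after right-padding with zeros, so that (11,) compares equal to (11, 0)."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) >= b + (0,) * (n - len(b))


def assess(product, version):
    """Return 'fixed', 'vulnerable' or 'not listed' for a product/version pair.

    'not listed' means the advisory names neither that release line nor a fix for
    it (for example Firefox 4 through 9), so the check cannot clear it."""
    product = product.lower()
    if product not in FIXED_ON_BRANCH:
        raise KeyError("product not covered by this advisory: %s" % product)
    v = parse_version(version)
    if _ge(v, CURRENT_RELEASE[product]):
        return "fixed"
    for branch, fixed in FIXED_ON_BRANCH[product].items():
        if v[:len(branch)] == branch:
            return "fixed" if _ge(v, fixed) else "vulnerable"
    return "not listed"


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for host, product, version in [("ws01", "Firefox", "10.0.2"), ("ws02", "Firefox", "3.6.28"),
                                   ("mail1", "Thunderbird", "3.1.19"), ("ws03", "SeaMonkey", "2.8")]:
        print(host, product, version, assess(product, version))
```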
Vulnerability Identifier
- CVE-2012-0451
- CVE-2012-0454
- CVE-2012-0455
- CVE-2012-0456
- CVE-2012-0457
- CVE-2012-0458
- CVE-2012-0459
- CVE-2012-0460
- CVE-2012-0461
- CVE-2012-0462
- CVE-2012-0463
- CVE-2012-0464