Mozilla Products Code Execution and Security Bypass Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Mozilla Firefox, SeaMonkey and Thunderbird, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system.
1. A memory corruption errors in the JavaScript and layout engines when parsing malformed data, which could be exploited by attackers to crash a vulnerable application or execute arbitrary code.
2. An error when handling a chrome XBL method used in conjunction with "window.eval", which could allow malicious web sites to violate the same origin policy and conduct cross domain scripting attacks.
3. An error exists because a form input control type of a closed tab can be changed when restoring a closed tab, which could allow attackers to disclose the contents of arbitrary files on a vulnerable system.
4. An error when processing certain ".desktop" shortcut files, which could be exploited to execute arbitrary code with chrome privileges.
5. Due to cookies marked "HTTPOnly" being readable by JavaScript through the "XMLHttpRequest.getResponseHeader" and "XMLHttpRequest.getAllResponseHeaders" APIs, which could be exploited to gain access to "document.cookie".
6. Due to the "Cache-Control: no-store" and "Cache-Control: no-cache" HTTP directives being ignored, which could cause potentially sensitive information to be cached by the browser, allowing malicious local users to disclose private data.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Mozilla Firefox versions prior to 3.0.6
- Mozilla SeaMonkey versions prior to 1.1.15
- Mozilla Thunderbird versions prior to 2.0.0.21
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Upgrade to Mozilla Firefox version 3.0.6 :
http://www.mozilla.com/firefox/Upgrade to Mozilla SeaMonkey version 1.1.15 :
http://www.mozilla.org/projects/seamonkey/Upgrade to Mozilla Thunderbird version 2.0.0.21 :
http://www.mozilla.com/thunderbird/
Vulnerability Identifier
Source
Related Link
Share with