Skip to main content

Mozilla Products Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 22 Jul 2010 5340 Views

RISK: Medium Risk

Multiple vulnerabilitieshave been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system.

1. Due to memory corruption errors in the browser engine when parsing malformed data, which could be exploited by attackers to crash a vulnerable browser or execute arbitrary code.

2. Due to a use-after-free error in the DOM attribute cloning routine, which could be exploited by attackers to execute arbitrary code.

3. Due to a use-after-free error in the implementation of NodeIterator when detaching nodes from the DOM tree while it is being traversed, which could be exploited by attackers to execute arbitrary code.

4. Due to a buffer overflow error when storing the names and values of plugin parameter elements, which could be exploited by attackers to execute arbitrary code.

Update: An incorrect fix version (3.6.7) for this Mozilla Firefox plugin parameter array vulnerability was identified¡Arequires to upgrade to Mozilla Firefox version 3.6.8.

5. Due to an error when accessing a content object via SJOW, which could be exploited to execute arbitrary JavaScript with chrome privileges.

6. Due to an integer overflow error when processing CSS values, which could be exploited by attackers to execute arbitrary code.

7. Due to an integer overflow error in the implementation of the XUL "tree" element's selection attribute, which could be exploited by attackers to execute arbitrary code.

8. Due to a buffer overflow error when processing malformed PNG data, which could be exploited by attackers to execute arbitrary code.

9. Due to a same-origin validation error when using the Web Worker method "importScripts", which could be exploited to conduct cross-domain scripting attacks.

10. Due to a same-origin validation error when using canvas elements, which could be exploited to conduct cross-domain scripting attacks.

11. Due to undefined positions within various 8 bit character encodings being mapped to the U+FFFD sequence, which could be exploited to conduct cross site scripting attacks.

12. Due to errors when handling windows and redirections, which could allow attackers to spoof the content of the location bar.

13. Due to an error when handling CSS selectors, which could be exploited to read data across domains.

14. Due to an error when handling error messages, which could cause potentially sensitive URL parameters to be leaked across domains.


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Mozilla Firefox versions prior to 3.6.8
  • Mozilla Firefox versions prior to 3.5.11
  • Mozilla Thunderbird versions prior to 3.1.1
  • Mozilla Thunderbird versions prior to 3.0.6
  • Mozilla SeaMonkey versions prior to 2.0.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link