USN-124-1: Mozilla and Firefox vulnerabilities
Posted on: 05/11/2005 05:46 AM

A Mozilla Firefox update is available for Ubuntu Linux.

==========================================================
Ubuntu Security Notice USN-124-1 May 11, 2005
mozilla-firefox, mozilla vulnerabilities
CAN-2005-1153, CAN-2005-1154, CAN-2005-1155, CAN-2005-1156,
CAN-2005-1157, CAN-2005-1158, CAN-2005-1160
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

mozilla-browser
mozilla-firefox

The problem can be corrected by upgrading the affected package to version 1.0.2-0ubuntu5.1 (mozilla-firefox) and 2:1.7.6-1ubuntu2.1 (mozilla-browser). After a standard system upgrade you need to restart your browser to effect the necessary changes.

Please note that Ubuntu 5.04 (Warty Warthog) is also affected; this release will be fixed soon in a separate advisory.

Details follow:

When a popup is blocked the user is given the ability to open that popup through the popup-blocking status bar icon and, in Firefox, through the information bar. Doron Rosenberg noticed that popups which are permitted by the user were executed with elevated privileges, which could be abused to automatically install and execute arbitrary code with the privileges of the user. (CAN-2005-1153)

It was discovered that the browser did not start with a clean global JavaScript state for each new website. This allowed a malicious web page to define a global variable known to be used by a different site, allowing malicious code to be executed in the context of that site (for example, sending web mail or automatic purchasing). (CAN-2005-1154)

Michael Krax discovered a flaw in the "favicon" links handler. A malicious web page could define a favicon link tag as JavaScript, which could be exploited to execute arbitrary code with the privileges of the user. (CAN-2005-1155)

Michael Krax found two flaws in the Search Plugin installation. This allowed malicious plugins to execute arbitrary code in the context of the current site. If the current page had elevated privileges (like "about:plugins" or "about:config"), the malicious plugin could even install malicious software when a search was performed. (CAN-2005-1156, CAN-2005-1157)

Kohei Yoshino discovered two missing security checks when Firefox opens links in its sidebar. This allowed a malicious web page to construct a link that, when clicked on, could execute arbitrary JavaScript code with the privileges of the user. (CAN-2005-1158)

Georgi Guninski discovered that the types of certain XPInstall related JavaScript objects were not sufficiently validated when they were called. This could be exploited by a malicious website to crash Firefox or even execute arbitrary code with the privileges of the user. (CAN-2005-1159)

Firefox did not properly verify the values of XML DOM nodes of web pages. By tricking the user into performing a common action like clicking on a link or opening the context menu, a malicious page could exploit this to execute arbitrary JavaScript code with the full privileges of the user. (CAN-2005-1160)

Source archives:


amd64 architecture (Athlon64, Opteron, EM64T Xeon)


i386 architecture (x86 compatible Intel/AMD)


ia64 architecture (Intel Itanium)


powerpc architecture (Apple Macintosh G3/G4/G5)



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_124_1_mozilla_and_firefox_vulnerabilities.html)