USN-690-2: Firefox vulnerabilities
Posted on: 12/18/2008 01:25 AM

A new Firefox vulnerabilities update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-690-2 December 18, 2008
firefox vulnerabilities
CVE-2008-5500, CVE-2008-5503, CVE-2008-5504, CVE-2008-5506,
CVE-2008-5507, CVE-2008-5508, CVE-2008-5510, CVE-2008-5511,
CVE-2008-5512, CVE-2008-5513
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 7.10:
firefox 2.0.0.19+nobinonly1-0ubuntu0.7.10.1

After a standard system upgrade you need to restart Firefox to effect the
necessary changes.

Details follow:

Several flaws were discovered in the browser engine. These problems could a=
llow
an attacker to crash the browser and possibly execute arbitrary code with u=
ser
privileges. (CVE-2008-5500)

Boris Zbarsky discovered that the same-origin check in Firefox could be
bypassed by utilizing XBL-bindings. An attacker could exploit this to read =
data
=66rom other domains. (CVE-2008-5503)

Several problems were discovered in the JavaScript engine. An attacker could
exploit feed preview vulnerabilities to execute scripts from page content w=
ith
chrome privileges. (CVE-2008-5504)

Marius Schilder discovered that Firefox did not properly handle redirects to
an outside domain when an XMLHttpRequest was made to a same-origin resource.
It's possible that sensitive information could be revealed in the
XMLHttpRequest response. (CVE-2008-5506)

Chris Evans discovered that Firefox did not properly protect a user's data =
when
accessing a same-domain Javascript URL that is redirected to an unparsable
Javascript off-site resource. If a user were tricked into opening a malicio=
us
website, an attacker may be able to steal a limited amount of private data.
(CVE-2008-5507)

Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Fire=
fox
did not properly parse URLs when processing certain control characters.
(CVE-2008-5508)

Kojima Hajime discovered that Firefox did not properly handle an escaped nu=
ll
character. An attacker may be able to exploit this flaw to bypass script
sanitization. (CVE-2008-5510)

Several flaws were discovered in the Javascript engine. If a user were tric=
ked
into opening a malicious website, an attacker could exploit this to execute
arbitrary Javascript code within the context of another website or with chr=
ome
privileges. (CVE-2008-5511, CVE-2008-5512)

Flaws were discovered in the session-restore feature of Firefox. If a user =
were
tricked into opening a malicious website, an attacker could exploit this to
perform cross-site scripting attacks or execute arbitrary Javascript code w=
ith
chrome privileges. (CVE-2008-5513)


Updated packages for Ubuntu 7.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1.diff.gz
Size/MD5: 193899 36adc1276acd43f74f72cfcc1ae3d0e9
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1.dsc
Size/MD5: 1667 191a120d310a4e50dc3890bc39dd5eb4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1.orig.tar.gz
Size/MD5: 38003869 ef1cc2719a0d2e765e7395191917b0e1

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-i=
nspector_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_all.deb
Size/MD5: 200940 bb5074878422fcc2770502b9ccb0da27

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 78150706 95fdf710a1475b0bc9c2d05b93729e1d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 3199474 a81af067e5cd04967c4b073e4ea88b3d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup=
port_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 98272 a5da4c672ee9cdb9238827240a1fd8d4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2=
=2E0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 67296 1867fa5365e1877b2991f0012a5a0508
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 10470700 e782eb0e3ee75833b54f6bf6eb7ad587

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 77284164 a71bc30bc1337cf8f764c4e34c0225bc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 3187094 ac6687331ea182a211af874e78d6ed17
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup=
port_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 91982 e940726ca92857100f60b40c0627ebe7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2=
=2E0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 66578 8b2d79255ed23faa29d212394bcba143
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 9216882 bc3cbdf09eab1655725e7c6f6e702227

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobino=
nly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 77568340 e0c635c7c94d02df21c3959245f82eae
http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_2.0.0.19+nobino=
nly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 3184640 e8dbcad248acefdf2e67206fd9a99884
http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 91636 54e13279350c153e6c86bc6f56c413ff
http://ports.ubuntu.com/pool/main/f/firefox/firefox-libthai_2.0.0.19+no=
binonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 66524 ebc91a165868249a1d87a91727b7d2fd
http://ports.ubuntu.com/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1=
-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 9073898 5a46dfbb0577f2f590d6ba0b4e8427ae

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 80768006 e9ae877064a52623eb7e35814f9b34cc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 3202786 6e6b92b3b5e47bcc20e3803d6c967b0d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup=
port_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 96330 eac0521eb7d2d212869337a96576741b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2=
=2E0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 67580 9261fce133f2603c58f710cfb1c7e387
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 10315794 2f30e74ebaf0e5bb0eed03669e67c7b7

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 78127352 ab6da326b1db0baf28f1041eff70e3e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0=
=2E19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 3184440 74705617fd5764f9414756ecf9e2281c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup=
port_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 91764 440f4a3bf1774945c2b93cd90948b7d2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2=
=2E0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 66664 1f2b23c6612f07ee3f932ff0e294a123
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+=
nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 9466814 70da09e753b9ab898be59a3bdd25a646



--uXxzq0nDebZQVNAZ
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklJlZkACgkQW0JvuRdL8BrO3wCfWSKe7jr5BcAs8pnoU7Yb/mfr
1mUAnixSy+Ad1xkfrj+bmG+h92YMj+CR
=RyLT
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_690_2_firefox_vulnerabilities.html)