Impact
remote code execution
Solution
Please Install the Updated Packages.
Insight
Mozilla Firefox was updated to version 3.6.10, fixing various bugs and security issues.
Mozilla Thunderbird was updated to version 3.0.8 on openSUSE, fixing the same bugs.
Mozilla Seamonkey was updated to version 2.0.8 on openSUSE, fixing the same bugs.
A Firefox update for SUSE Linux Enterprise 10 Service Pack 3 is still being worked on and currently held back due to legal problems with the Firefox 3.5 - 3.6 version upgrade and some browser components.
Following security issues were fixed:
CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
CVE-2010-2765: Security researcher Chris Rohlf
of Matasano Security reported that the implementation of the HTML frameset element contained an integer overflow vulnerability. The code responsible for parsing the frameset columns used an 8-byte counter for the column numbers, so when a very large number of columns was passed in the counter would overflow. When this counter was subsequently used to allocate memory for the frameset, the memory buffer would be too small, potentially resulting in a heap buffer overflow and execution of attacker-controlled memory.
CVE-2010-2767: Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser and run arbitrary code on a victim's computer.
CVE-2010-3131: Security researcher Haifei Li of
FortiGuard Labs reported that Firefox could be used to load a malicious code library that had been planted on a victim's computer. Firefox attempts to load dwmapi.dll upon startup as part of its platform detection, so on systems that don't have this library, such as Windows XP, Firefox will subsequently attempt to load the library from the current working directory. An attacker could use this vulnerability to trick a user into downloading a HTML file and a malicious copy of dwmapi.dll into the same directory on their computer and opening the HTML file with Firefox, thus causing the malicious code to be executed. If the attacker was on the same network as the ...
Description truncated, for more information please check the Reference URL
Affected
MozillaFirefox,MozillaThunderbird,seamonkey on openSUSE 11.1, openSUSE 11.2
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities