navigation bar left navigation bar right

Secunia CSI7
navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Mozilla Firefox Multiple Vulnerabilities

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Mozilla Firefox Multiple Vulnerabilities

Secunia Mozilla Firefox Multiple Vulnerabilities
Secunia Official 12th Dec, 2010 11:52
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
A weakness and some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system.

1) Multiple errors in the browser engine can be exploited to corrupt memory and potentially execute arbitrary code.

2) An error when handling line breaks in overly long strings passed to "document.write()" can be exploited to read data from out-of-bounds memory location and potentially execute arbitrary code.

3) An error when opening a new window using "window.open()" can be exploited to execute arbitrary JavaScript code with chrome privileges via the "<isindex>" element.

4) An error in the handling of "<div>" elements nested within "<treechildren>" elements in a XUL tree element can be exploited to corrupt memory and potentially execute arbitrary code.

5) An error in the Java LiveConnect script when loaded via a "data:" URL can be exploited to e.g. read arbitrary files, launch arbitrary processes, and establish arbitrary network connections.

6) A use-after-free error in the "NodeIterator API" when handling a "nsDOMAttribute" node can be exploited to corrupt memory and execute arbitrary code.

7) An integer overflow when creating arrays can be exploited to corrupt memory and potentially execute arbitrary code.

8) An error related to the XMLHttpRequestSpy object can be exploited to execute arbitrary JavaScript code.

This is due to an incomplete fix for vulnerability #9 in:
SA37242

9) An error exists in the handling of documents with no inherent origin associated. This can be exploited to bypass the same-origin policy and spoof the URL of a trusted site by tricking users into opening site which result in e.g. about:config or about:neterror pages.

10) An error exists in the rendering engine when handling certain Mac charset encodings. This can be exploited to potentially execute arbitrary JavaScript code in the context of the destination website.

The weakness and the vulnerabilities are reported in versions prior to 3.6.13 and 3.5.16.

black7mt

RE: Mozilla Firefox Multiple Vulnerabilities
[+]
This reply has been minimised due to a negative Relevancy Score.

black7mt

RE: Mozilla Firefox Multiple Vulnerabilities
[+]
This reply has been minimised due to a negative Relevancy Score.

Bob1007

RE: Mozilla Firefox Multiple Vulnerabilities
[+]
This reply has been minimised due to a negative Relevancy Score.
Anthony Wells RE: Mozilla Firefox Multiple Vulnerabilities
Expert Contributor 15th Dec, 2010 21:34
Score: 2463
Posts: 3,348
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello Bob ,

As a new user of the forum , you may be unaware that this thread in this "vulnerabilities" sub-forum is restricted to technical discussion of the Secunia Advisory - in this case 42517 .

If you have a detection problem of Firefox with the PSI , you need to create your own thread and post it in the "program" or "open discussion" sub-forum - see the upper lhs of this page .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+