RHEL 2.1 / 3 : mozilla (RHSA-2004:486)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated mozilla packages that fix a number of security issues are now
available.

Mozilla is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

Jesse Ruderman discovered a cross-domain scripting bug in Mozilla. If
a user is tricked into dragging a JavaScript link into another frame
or page, it becomes possible for an attacker to steal or modify
sensitive information from that site. Additionally, if a user is
tricked into dragging two links in sequence to another window (not
frame), it is possible for the attacker to execute arbitrary commands.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0905 to this issue.

Gael Delalleau discovered an integer overflow which affects the BMP
handling code inside Mozilla. An attacker could create a carefully
crafted BMP file in such a way that it would cause Mozilla to crash or
execute arbitrary code when the image is viewed. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0904 to this issue.

Georgi Guninski discovered a stack-based buffer overflow in the vCard
display routines. An attacker could create a carefully crafted vCard
file in such a way that it would cause Mozilla to crash or execute
arbitrary code when viewed. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2004-0903 to this
issue.

Wladimir Palant discovered a flaw in the way JavaScript interacts with
the clipboard. It is possible that an attacker could use malicious
JavaScript code to steal sensitive data which has been copied into the
clipboard. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0908 to this issue.

Georgi Guninski discovered a heap based buffer overflow in the 'Send
Page' feature. It is possible that an attacker could construct a link
in such a way that a user attempting to forward it could result in a
crash or arbitrary code execution. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2004-0902
to this issue.

Users of Mozilla should update to these updated packages, which
contain backported patches and are not vulnerable to these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0902.html
https://www.redhat.com/security/data/cve/CVE-2004-0903.html
https://www.redhat.com/security/data/cve/CVE-2004-0904.html
https://www.redhat.com/security/data/cve/CVE-2004-0905.html
https://www.redhat.com/security/data/cve/CVE-2004-0908.html
http://www.mozilla.org/projects/security/known-vulnerabilities.html#
http://rhn.redhat.com/errata/RHSA-2004-486.html

Solution :

Update the affected packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 15409 ()

Bugtraq ID:

CVE ID: CVE-2004-0902
CVE-2004-0903
CVE-2004-0904
CVE-2004-0905
CVE-2004-0908