RHEL 2.1 / 3 : Mozilla (RHSA-2005:384)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Mozilla packages that fix various security bugs are now
available.

This update has been rated as having Important security impact by the
Red Hat Security Response Team.

Mozilla is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

Several bugs were found with the way Mozilla displays the secure site
icon. It is possible that a malicious website could display the secure
site icon along with incorrect certificate information. (CVE-2005-0143
CVE-2005-0593)

A bug was found in the way Mozilla handles synthetic middle click
events. It is possible for a malicious web page to steal the contents
of a victims clipboard. (CVE-2005-0146)

Several bugs were found with the way Mozilla handles temporary files.
A local user could view sensitive temporary information or delete
arbitrary files. (CVE-2005-0142 CVE-2005-0578)

A bug was found in the way Mozilla handles pop-up windows. It is
possible for a malicious website to control the content in an
unrelated site's pop-up window. (CVE-2004-1156)

A flaw was found in the way Mozilla displays international domain
names. It is possible for an attacker to display a valid URL, tricking
the user into thinking they are viewing a legitimate webpage when they
are not. (CVE-2005-0233)

A bug was found in the way Mozilla processes XUL content. If a
malicious web page can trick a user into dragging an object, it is
possible to load malicious XUL content. (CVE-2005-0401)

A bug was found in the way Mozilla handles xsl:include and xsl:import
directives. It is possible for a malicious website to import XSLT
stylesheets from a domain behind a firewall, leaking information to an
attacker. (CVE-2005-0588)

Several bugs were found in the way Mozilla displays alert dialogs. It
is possible for a malicious webserver or website to trick a user into
thinking the dialog window is being generated from a trusted site.
(CVE-2005-0586 CVE-2005-0591 CVE-2005-0585 CVE-2005-0590
CVE-2005-0584)

A bug was found in the Mozilla JavaScript security manager. If a user
drags a malicious link to a tab, the JavaScript security manager is
bypassed, which could result in remote code execution or information
disclosure. (CVE-2005-0231)

A bug was found in the way Mozilla allows plug-ins to load privileged
content into a frame. It is possible that a malicious webpage could
trick a user into clicking in certain places to modify configuration
settings or execute arbitrary code. (CVE-2005-0232 and CVE-2005-0527)

A bug was found in the way Mozilla handles anonymous functions during
regular expression string replacement. It is possible for a malicious
web page to capture a random block of browser memory. (CVE-2005-0989)

A bug was found in the way Mozilla displays pop-up windows. If a user
choses to open a pop-up window whose URL is malicious JavaScript, the
script will be executed with elevated privileges. (CVE-2005-1153)

A bug was found in the way Mozilla installed search plugins. If a user
chooses to install a search plugin from a malicious site, the new
plugin could silently overwrite an existing plugin. This could allow
the malicious plugin to execute arbitrary code and stealm sensitive
information. (CVE-2005-1156 CVE-2005-1157)

Several bugs were found in the Mozilla JavaScript engine. A malicious
web page could leverage these issues to execute JavaScript with
elevated privileges or steal sensitive information. (CVE-2005-1154
CVE-2005-1155 CVE-2005-1159 CVE-2005-1160)

Users of Mozilla are advised to upgrade to this updated package which
contains Mozilla version 1.7.7 to correct these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-1156.html
https://www.redhat.com/security/data/cve/CVE-2005-0142.html
https://www.redhat.com/security/data/cve/CVE-2005-0143.html
https://www.redhat.com/security/data/cve/CVE-2005-0146.html
https://www.redhat.com/security/data/cve/CVE-2005-0231.html
https://www.redhat.com/security/data/cve/CVE-2005-0232.html
https://www.redhat.com/security/data/cve/CVE-2005-0233.html
https://www.redhat.com/security/data/cve/CVE-2005-0401.html
https://www.redhat.com/security/data/cve/CVE-2005-0527.html
https://www.redhat.com/security/data/cve/CVE-2005-0578.html
https://www.redhat.com/security/data/cve/CVE-2005-0584.html
https://www.redhat.com/security/data/cve/CVE-2005-0585.html
https://www.redhat.com/security/data/cve/CVE-2005-0586.html
https://www.redhat.com/security/data/cve/CVE-2005-0588.html
https://www.redhat.com/security/data/cve/CVE-2005-0590.html
https://www.redhat.com/security/data/cve/CVE-2005-0591.html
https://www.redhat.com/security/data/cve/CVE-2005-0593.html
https://www.redhat.com/security/data/cve/CVE-2005-0989.html
https://www.redhat.com/security/data/cve/CVE-2005-1153.html
https://www.redhat.com/security/data/cve/CVE-2005-1154.html
https://www.redhat.com/security/data/cve/CVE-2005-1155.html
https://www.redhat.com/security/data/cve/CVE-2005-1156.html
https://www.redhat.com/security/data/cve/CVE-2005-1157.html
https://www.redhat.com/security/data/cve/CVE-2005-1159.html
https://www.redhat.com/security/data/cve/CVE-2005-1160.html
http://rhn.redhat.com/errata/RHSA-2005-384.html

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)