Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-779-1)

Ubuntu Security Notice (C) 2009-2013 Canonical, Inc. / NASL script (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing one or more security-related patches.

Description :

Several flaws were discovered in the browser and JavaScript engines of
Firefox. If a user were tricked into viewing a malicious website, a
remote attacker could cause a denial of service or possibly execute
arbitrary code with the privileges of the user invoking the program.
(CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1837,
CVE-2009-1838)

Pavel Cvrcek discovered that Firefox would sometimes display certain
invalid Unicode characters as whitespace. An attacker could exploit
this to spoof the location bar, such as in a phishing attack.
(CVE-2009-1834)

Gregory Fleischer, Adam Barth and Collin Jackson discovered that
Firefox would allow access to local files from resources loaded via
the file: protocol. If a user were tricked into downloading then
opening a malicious file, an attacker could steal potentially
sensitive information. (CVE-2009-1835, CVE-2009-1839)

Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that
Firefox did not properly handle error responses when connecting to a
proxy server. If a remote attacker were able to perform a
man-in-the-middle attack, this flaw could be exploited to view
sensitive information. (CVE-2009-1836)

Wladimir Palant discovered Firefox did not check content-loading
policies when loading external script files into XUL documents. As a
result, Firefox might load malicious content under certain
circumstances. (CVE-2009-1840)

It was discovered that Firefox could be made to run scripts with
elevated privileges. If a user were tricked into viewing a malicious
website, an attacker could cause a chrome privileged object, such as
the browser sidebar, to run arbitrary code via interactions with the
attacker controlled website. (CVE-2009-1841).

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)