Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : firefox vulnerabilities (USN-1600-1)

Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Henrik Skupin, Jesse Ruderman, Christian Holler, Soroush Dalili and
others discovered several memory corruption flaws in Firefox. If a
user were tricked into opening a specially crafted web page, a remote
attacker could cause Firefox to crash or potentially execute arbitrary
code as the user invoking the program. (CVE-2012-3982, CVE-2012-3983,
CVE-2012-3988, CVE-2012-3989)

David Bloom and Jordi Chancel discovered that Firefox did not always
properly handle the <select> element. A remote attacker could exploit
this to conduct URL spoofing and clickjacking attacks. (CVE-2012-3984)

Collin Jackson discovered that Firefox did not properly follow the
HTML5 specification for document.domain behavior. A remote attacker
could exploit this to conduct cross-site scripting (XSS) attacks via
JavaScript execution. (CVE-2012-3985)

Johnny Stenback discovered that Firefox did not properly perform
security checks on test methods for DOMWindowUtils. (CVE-2012-3986)

Alice White discovered that the security checks for GetProperty could
be bypassed when using JSAPI. If a user were tricked into opening a
specially crafted web page, a remote attacker could exploit this to
execute arbitrary code as the user invoking the program.
(CVE-2012-3991)

Mariusz Mlynski discovered a history state error in Firefox. A remote
attacker could exploit this to spoof the location property to inject
script or intercept posted data. (CVE-2012-3992)

Mariusz Mlynski and others discovered several flaws in Firefox that
allowed a remote attacker to conduct cross-site scripting (XSS)
attacks. (CVE-2012-3993, CVE-2012-3994, CVE-2012-4184)

Abhishek Arya, Atte Kettunen and others discovered several memory
flaws in Firefox when using the Address Sanitizer tool. If a user were
tricked into opening a specially crafted web page, a remote attacker
could cause Firefox to crash or potentially execute arbitrary code as
the user invoking the program. (CVE-2012-3990, CVE-2012-3995,
CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182,
CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187,
CVE-2012-4188).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected firefox package.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true