openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5449)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

MozillaFirefox was updated to version 2.0.0.16, which fixes various
bugs and following security issues :

MFSA 2008-34 CVE-2008-2785: An anonymous researcher, via
TippingPoint's Zero Day Initiative program, reported a vulnerability
in Mozilla CSS reference counting code. The vulnerability was caused
by an insufficiently sized variable being used as a reference counter
for CSS objects. By creating a very large number of references to a
common CSS object, this counter could be overflowed which could cause
a crash when the browser attempts to free the CSS object while still
in use. An attacker could use this crash to run arbitrary code on the
victim's computer.

MFSA 2008-35 CVE-2008-2933: Security researcher Billy Rios reported
that if Firefox is not already running, passing it a command-line URI
with pipe symbols will open multiple tabs. This URI splitting could be
used to launch privileged chrome: URIs from the command-line, a
partial bypass of the fix for MFSA 2005-53 which blocks external
applications from loading such URIs. This vulnerability could also be
used by an attacker to launch a file: URI from the command line
opening a malicious local file which could exfiltrate data from the
local filesystem. Combined with a vulnerability which allows an
attacker to inject code into a chrome document, the above issue could
be used to run arbitrary code on a victim's computer. Such a chrome
injection vulnerability was reported by Mozilla developers Ben Turner
and Dan Veditz who showed that a XUL based SSL error page was not
properly sanitizing inputs and could be used to run arbitrary code
with chrome privileges.

Solution :

Update the affected MozillaFirefox packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 33756 ()

Bugtraq ID:

CVE ID: CVE-2008-2785
CVE-2008-2933

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now