SuSE 11 Security Update : Mozilla (SAT Patch Number 1328)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 11 host is missing one or more security updates.

Description :

This update brings the Mozilla XULRunner engine to the 1.9.0.14 stable
release.

It also fixes various security issues :

- / CVE-2009-30 /. (MFSA 2009-47 / CVE-2009-3069 /
CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 /
CVE-2009-3073)

- Mozilla developers and community members identified and
fixed several stability bugs in the browser engine used
in Firefox and other Mozilla-based products. Some of
these crashes showed evidence of memory corruption under
certain circumstances and we presume that with enough
effort at least some of these could be exploited to run
arbitrary code. (CVE-2009-3075)

- Mozilla security researcher Jesse Rudermanreported that
when security modules were added or removed via
pkcs11.addmodule or pkcs11.deletemodule, the resulting
dialog was not sufficiently informative. Without
sufficient warning, an attacker could entice a victim to
install a malicious PKCS11 module and affect the
cryptographic integrity of the victim's browser.
Security researcher Dan Kaminsky reported that this
issue had not been fixed in Firefox 3.0 and that under
certain circumstances pkcs11 modules could be installed
from a remote location. Firefox 3.5 releases are not
affected. (MFSA 2009-48 / CVE-2009-3076)

- An anonymous security researcher, via TippingPoint's
Zero Day Initiative, reported that the columns of a XUL
tree element could be manipulated in a particular way
which would leave a pointer owned by the column pointing
to freed memory. An attacker could potentially use this
vulnerability to crash a victim's browser and run
arbitrary code on the victim's computer. (MFSA 2009-49 /
CVE-2009-3077)

- Security researcher Juan Pablo Lopez Yacubian reported
that the default Windows font used to render the
locationbar and other text fields was improperly
displaying certain Unicode characters with tall
line-height. In such cases the tall line-height would
cause the rest of the text in the input field to be
scrolled vertically out of view. An attacker could use
this vulnerability to prevent a user from seeing the URL
of a malicious site. Corrie Sloot also independently
reported this issue to Mozilla. (MFSA 2009-50 /
CVE-2009-3078)

- Mozilla security researcher moz_bug_r_a4 reported that
the BrowserFeedWriter could be leveraged to run
JavaScript code from web content with elevated
privileges. Using this vulnerability, an attacker could
construct an object containing malicious JavaScript and
cause the FeedWriter to process the object, running the
malicious code with chrome privileges. Thunderbird does
not support the BrowserFeedWriter object and is not
vulnerable in its default configuration. Thunderbird
might be vulnerable if the user has installed any add-on
which adds a similarly implemented feature and then
enables JavaScript in mail messages. This is not the
default setting and we strongly discourage users from
running JavaScript in mail. (MFSA 2009-51 /
CVE-2009-3079)

See also :

http://www.mozilla.org/security/announce/2009/mfsa2009-47.html
http://www.mozilla.org/security/announce/2009/mfsa2009-48.html
http://www.mozilla.org/security/announce/2009/mfsa2009-49.html
http://www.mozilla.org/security/announce/2009/mfsa2009-50.html
http://www.mozilla.org/security/announce/2009/mfsa2009-51.html
https://bugzilla.novell.com/show_bug.cgi?id=534458
http://support.novell.com/security/cve/CVE-2009-3069.html
http://support.novell.com/security/cve/CVE-2009-3070.html
http://support.novell.com/security/cve/CVE-2009-3071.html
http://support.novell.com/security/cve/CVE-2009-3072.html
http://support.novell.com/security/cve/CVE-2009-3073.html
http://support.novell.com/security/cve/CVE-2009-3075.html
http://support.novell.com/security/cve/CVE-2009-3076.html
http://support.novell.com/security/cve/CVE-2009-3077.html
http://support.novell.com/security/cve/CVE-2009-3078.html
http://support.novell.com/security/cve/CVE-2009-3079.html

Solution :

Apply SAT patch number 1328.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now