openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6379)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The MozillaFirefox 3.0.12 release fixes various bugs and some critical
security issues.

MFSA 2009-34 / CVE-2009-2462 / CVE-2009-2463 / CVE-2009-2464 /
CVE-2009-2465 / CVE-2009-2466: Mozilla developers and community
members identified and fixed several stability bugs in the browser
engine used in Firefox and other Mozilla-based products. Some of these
crashes showed evidence of memory corruption under certain
circumstances and we presume that with enough effort at least some of
these could be exploited to run arbitrary code.

MFSA 2009-35 / CVE-2009-2467: Security researcher Attila Suszter
reported that when a page contains a Flash object which presents a
slow script dialog, and the page is navigated while the dialog is
still visible to the user, the Flash plugin is unloaded resulting in a
crash due to a call to the deleted object. This crash could
potentially be used by an attacker to run arbitrary code on a victim's
computer.

MFSA 2009-36 / CVE-2009-1194: oCERT security researcher Will Drewry
reported a series of heap and integer overflow vulnerabilities which
independently affected multiple font glyph rendering libraries. On
Linux platforms libpango was susceptible to the vulnerabilities while
on OS X CoreGraphics was similarly vulnerable. An attacker could
trigger these overflows by constructing a very large text run for the
browser to display. Such an overflow can result in a crash which the
attacker could potentially use to run arbitrary code on a victim's
computer. The open-source nature of Linux meant that Mozilla was able
to work with the libpango maintainers to implement the correct fix in
version 1.24 of that system library which was distributed with OS
security updates. On Mac OS X Firefox works around the CoreGraphics
flaw by limiting the length of text runs passed to the system.

MFSA 2009-37 / CVE-2009-2469: Security researcher PenPal reported a
crash involving a SVG element on which a watch function and
__defineSetter__ function have been set for a particular property. The
crash showed evidence of memory corruption and could potentially be
used by an attacker to run arbitrary code on a victim's computer.

MFSA 2009-39 / CVE-2009-2471: Mozilla developer Blake Kaplan reported
that setTimeout, when called with certain object parameters which
should be protected with a XPCNativeWrapper, will fail to keep the
object wrapped when compiling the new function to be executed. If
chrome privileged code were to call setTimeout using this as an
argument, the this object will lose its wrapper and could be unsafely
accessed by chrome code. An attacker could use such vulnerable code to
run arbitrary JavaScript with chrome privileges.

MFSA 2009-40 / CVE-2009-2472: Mozilla security researcher moz_bug_r_a4
reported a series of vulnerabilities in which objects that normally
receive a XPCCrossOriginWrapper are constructed without the wrapper.
This can lead to cases where JavaScript from one website may unsafely
access properties of such an object which had been set by a different
website. A malicious website could use this vulnerability to launch a
XSS attack and run arbitrary JavaScript within the context of another
site.

Solution :

Update the affected MozillaFirefox packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now