openSUSE Security Update : MozillaFirefox (openSUSE-SU-2014:1099-1)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Mozilla Firefox was updated to Firefox 32 fixing security issues and
bugs.

Security issues fixed: MFSA 2014-72 / CVE-2014-1567: Security
researcher regenrecht reported, via TippingPoint's Zero Day
Initiative, a use-after-free during text layout when interacting with
the setting of text direction. This results in a use-after-free which
can lead to arbitrary code execution.

MFSA 2014-70 / CVE-2014-1565: Security researcher Holger Fuhrmannek
discovered an out-of-bounds read during the creation of an audio
timeline in Web Audio. This results in a crash and could allow for the
reading of random memory values.

MFSA 2014-69 / CVE-2014-1564: Google security researcher Michal
Zalewski discovered that when a malformated GIF image is rendered in
certain circumstances, memory is not properly initialized before use.
The resulting image then uses this memory during rendering. This could
allow for the a script in web content to access this uninitialized
memory using the <canvas> feature.

MFSA 2014-68 / CVE-2014-1563: Security researcher Abhishek Arya
(Inferno) of the Google Chrome Security Team used the Address
Sanitizer tool to discover a use-after-free during cycle collection.
This was found in interactions with the SVG content through the
document object model (DOM) with animating SVG content. This leads to
a potentially exploitable crash.

MFSA 2014-67: Mozilla developers and community identified and fixed
several memory safety bugs in the browser engine used in Firefox and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that
with enough effort at least some of these could be exploited to run
arbitrary code.

Jan de Mooij reported a memory safety problem that affects Firefox ESR
24.7, ESR 31 and Firefox 31. (CVE-2014-1562)

Christian Holler, Jan de Mooij, Karl Tomlinson, Randell Jesup, Gary
Kwong, Jesse Ruderman, and JW Wang reported memory safety problems and
crashes that affect Firefox ESR 31 and Firefox 31. (CVE-2014-1553)

Gary Kwong, Christian Holler, and David Weir reported memory safety
problems and crashes that affect Firefox 31. (CVE-2014-1554)

Mozilla NSS was updated to 3.16.4: Notable Changes :

- The following 1024-bit root CA certificate was restored
to allow more time to develop a better transition
strategy for affected sites. It was removed in NSS
3.16.3, but discussion in the
mozilla.dev.security.policy forum led to the decision to
keep this root included longer in order to give website
administrators more time to update their web servers.

- CN = GTE CyberTrust Global Root

- In NSS 3.16.3, the 1024-bit 'Entrust.net Secure Server
Certification Authority' root CA certificate was
removed. In NSS 3.16.4, a 2048-bit intermediate CA
certificate has been included, without explicit trust.
The intention is to mitigate the effects of the previous
removal of the 1024-bit Entrust.net root certificate,
because many public Internet sites still use the
'USERTrust Legacy Secure Server CA' intermediate
certificate that is signed by the 1024-bit Entrust.net
root certificate. The inclusion of the intermediate
certificate is a temporary measure to allow those sites
to function, by allowing them to find a trust path to
another 2048-bit root CA certificate. The temporarily
included intermediate certificate expires November 1,
2015.

See also :

http://lists.opensuse.org/opensuse-updates/2014-09/msg00011.html
https://bugzilla.novell.com/show_bug.cgi?id=894201
https://bugzilla.novell.com/show_bug.cgi?id=894370

Solution :

Update the affected MozillaFirefox packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 77618 ()

Bugtraq ID:

CVE ID: CVE-2014-1553
CVE-2014-1554
CVE-2014-1562
CVE-2014-1563
CVE-2014-1564
CVE-2014-1565
CVE-2014-1567

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now