SUSE SLED12 / SLES12 Security Update : MozillaFirefox, MozillaFirefox-branding-SLE (SUSE-SU-2017:1669-1)

High Nessus Plugin ID 101055

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The Mozilla Firefox was updated to the new ESR 52.2 release, which fixes the following issues (bsc#1043960) :

- MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder

- MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading

- MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listeners

- MFSA 2017-16/CVE-2017-5472 Use-after-free using destroyed node when regenerating trees

- MFSA 2017-16/CVE-2017-5470 Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2

- MFSA 2017-16/CVE-2017-7752 Use-after-free with IME input

- MFSA 2017-16/CVE-2017-7750 Use-after-free with track elements

- MFSA 2017-16/CVE-2017-7768 32 byte arbitrary file read through Mozilla Maintenance Service

- MFSA 2017-16/CVE-2017-7778 Vulnerabilities in the Graphite 2 library

- MFSA 2017-16/CVE-2017-7754 Out-of-bounds read in WebGL with ImageInfo object

- MFSA 2017-16/CVE-2017-7755 Privilege escalation through Firefox Installer with same directory DLL files

- MFSA 2017-16/CVE-2017-7756 Use-after-free and use-after-scope logging XHR header errors

- MFSA 2017-16/CVE-2017-7757 Use-after-free in IndexedDB

- MFSA 2017-16/CVE-2017-7761 File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application

- MFSA 2017-16/CVE-2017-7763 Mac fonts render some unicode characters as spaces

- MFSA 2017-16/CVE-2017-7765 Mark of the Web bypass when saving executable files

- MFSA 2017-16/CVE-2017-7764 (bmo#1364283, bmo#http://www.unicode.org/reports/tr31/tr31-26 .html#Aspirational_Use_Scripts) Domain spoofing with combination of Canadian Syllabics and other unicode blocks

- update to Firefox ESR 52.1 (bsc#1035082)

- MFSA 2017-12/CVE-2016-10196 Vulnerabilities in Libevent library

- MFSA 2017-12/CVE-2017-5443 Out-of-bounds write during BinHex decoding

- MFSA 2017-12/CVE-2017-5429 Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1

- MFSA 2017-12/CVE-2017-5464 Memory corruption with accessibility and DOM manipulation

- MFSA 2017-12/CVE-2017-5465 Out-of-bounds read in ConvolvePixel

- MFSA 2017-12/CVE-2017-5466 Origin confusion when reloading isolated data:text/html URL

- MFSA 2017-12/CVE-2017-5467 Memory corruption when drawing Skia content

- MFSA 2017-12/CVE-2017-5460 Use-after-free in frame selection

- MFSA 2017-12/CVE-2017-5461 Out-of-bounds write in Base64 encoding in NSS

- MFSA 2017-12/CVE-2017-5448 Out-of-bounds write in ClearKeyDecryptor

- MFSA 2017-12/CVE-2017-5449 Crash during bidirectional unicode manipulation with animation

- MFSA 2017-12/CVE-2017-5446 Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data

- MFSA 2017-12/CVE-2017-5447 Out-of-bounds read during glyph processing

- MFSA 2017-12/CVE-2017-5444 Buffer overflow while parsing application/http-index-format content

- MFSA 2017-12/CVE-2017-5445 Uninitialized values used while parsing application/http- index-format content

- MFSA 2017-12/CVE-2017-5442 Use-after-free during style changes

- MFSA 2017-12/CVE-2017-5469 Potential Buffer overflow in flex-generated code

- MFSA 2017-12/CVE-2017-5440 Use-after-free in txExecutionState destructor during XSLT processing

- MFSA 2017-12/CVE-2017-5441 Use-after-free with selection during scroll events

- MFSA 2017-12/CVE-2017-5439 Use-after-free in nsTArray Length() during XSLT processing

- MFSA 2017-12/CVE-2017-5438 Use-after-free in nsAutoPtr during XSLT processing

- MFSA 2017-12/CVE-2017-5436 Out-of-bounds write with malicious font in Graphite 2

- MFSA 2017-12/CVE-2017-5435 Use-after-free during transaction processing in the editor

- MFSA 2017-12/CVE-2017-5434 Use-after-free during focus handling

- MFSA 2017-12/CVE-2017-5433 Use-after-free in SMIL animation functions

- MFSA 2017-12/CVE-2017-5432 Use-after-free in text input selection

- MFSA 2017-12/CVE-2017-5430 Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1

- MFSA 2017-12/CVE-2017-5459 Buffer overflow in WebGL

- MFSA 2017-12/CVE-2017-5462 DRBG flaw in NSS

- MFSA 2017-12/CVE-2017-5455 Sandbox escape through internal feed reader APIs

- MFSA 2017-12/CVE-2017-5454 Sandbox escape allowing file system read access through file picker

- MFSA 2017-12/CVE-2017-5456 Sandbox escape allowing local file system access

- MFSA 2017-12/CVE-2017-5451 Addressbar spoofing with onblur event

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE OpenStack Cloud 6:zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1035=1

SUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1035=1

SUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1035=1

SUSE Linux Enterprise Server for SAP 12:zypper in -t patch SUSE-SLE-SAP-12-2017-1035=1

SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1035=1

SUSE Linux Enterprise Server 12-SP2:zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1035=1

SUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1035=1

SUSE Linux Enterprise Server 12-LTSS:zypper in -t patch SUSE-SLE-SERVER-12-2017-1035=1

SUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1035=1

To bring your system up-to-date, use 'zypper patch'.

See Also

http://www.unicode.org/reports/tr31/tr31-26

https://bugzilla.suse.com/show_bug.cgi?id=1035082

https://bugzilla.suse.com/show_bug.cgi?id=1043960

https://www.suse.com/security/cve/CVE-2016-10196/

https://www.suse.com/security/cve/CVE-2017-5429/

https://www.suse.com/security/cve/CVE-2017-5430/

https://www.suse.com/security/cve/CVE-2017-5432/

https://www.suse.com/security/cve/CVE-2017-5433/

https://www.suse.com/security/cve/CVE-2017-5434/

https://www.suse.com/security/cve/CVE-2017-5435/

https://www.suse.com/security/cve/CVE-2017-5436/

https://www.suse.com/security/cve/CVE-2017-5438/

https://www.suse.com/security/cve/CVE-2017-5439/

https://www.suse.com/security/cve/CVE-2017-5440/

https://www.suse.com/security/cve/CVE-2017-5441/

https://www.suse.com/security/cve/CVE-2017-5442/

https://www.suse.com/security/cve/CVE-2017-5443/

https://www.suse.com/security/cve/CVE-2017-5444/

https://www.suse.com/security/cve/CVE-2017-5445/

https://www.suse.com/security/cve/CVE-2017-5446/

https://www.suse.com/security/cve/CVE-2017-5447/

https://www.suse.com/security/cve/CVE-2017-5448/

https://www.suse.com/security/cve/CVE-2017-5449/

https://www.suse.com/security/cve/CVE-2017-5451/

https://www.suse.com/security/cve/CVE-2017-5454/

https://www.suse.com/security/cve/CVE-2017-5455/

https://www.suse.com/security/cve/CVE-2017-5456/

https://www.suse.com/security/cve/CVE-2017-5459/

https://www.suse.com/security/cve/CVE-2017-5460/

https://www.suse.com/security/cve/CVE-2017-5461/

https://www.suse.com/security/cve/CVE-2017-5462/

https://www.suse.com/security/cve/CVE-2017-5464/

https://www.suse.com/security/cve/CVE-2017-5465/

https://www.suse.com/security/cve/CVE-2017-5466/

https://www.suse.com/security/cve/CVE-2017-5467/

https://www.suse.com/security/cve/CVE-2017-5469/

https://www.suse.com/security/cve/CVE-2017-5470/

https://www.suse.com/security/cve/CVE-2017-5472/

https://www.suse.com/security/cve/CVE-2017-7749/

https://www.suse.com/security/cve/CVE-2017-7750/

https://www.suse.com/security/cve/CVE-2017-7751/

https://www.suse.com/security/cve/CVE-2017-7752/

https://www.suse.com/security/cve/CVE-2017-7754/

https://www.suse.com/security/cve/CVE-2017-7755/

https://www.suse.com/security/cve/CVE-2017-7756/

https://www.suse.com/security/cve/CVE-2017-7757/

https://www.suse.com/security/cve/CVE-2017-7758/

https://www.suse.com/security/cve/CVE-2017-7761/

https://www.suse.com/security/cve/CVE-2017-7763/

https://www.suse.com/security/cve/CVE-2017-7764/

https://www.suse.com/security/cve/CVE-2017-7765/

https://www.suse.com/security/cve/CVE-2017-7768/

https://www.suse.com/security/cve/CVE-2017-7778/

http://www.nessus.org/u?6c4e839e

Plugin Details

Severity: High

ID: 101055

File Name: suse_SU-2017-1669-1.nasl

Version: 3.10

Type: local

Agent: unix

Published: 2017/06/27

Updated: 2019/09/11

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:MozillaFirefox, p-cpe:/a:novell:suse_linux:MozillaFirefox-branding-SLE, p-cpe:/a:novell:suse_linux:MozillaFirefox-debuginfo, p-cpe:/a:novell:suse_linux:MozillaFirefox-debugsource, p-cpe:/a:novell:suse_linux:MozillaFirefox-devel, p-cpe:/a:novell:suse_linux:MozillaFirefox-translations, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/06/26

Vulnerability Publication Date: 2017/03/15

Reference Information

CVE: CVE-2016-10196, CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5469, CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7752, CVE-2017-7754, CVE-2017-7755, CVE-2017-7756, CVE-2017-7757, CVE-2017-7758, CVE-2017-7761, CVE-2017-7763, CVE-2017-7764, CVE-2017-7765, CVE-2017-7768, CVE-2017-7778