Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-821-1)

Critical Nessus Plugin ID 40943

Synopsis

The remote Ubuntu host is missing one or more security-related patches.

Description

Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075)

Jesse Ruderman and Dan Kaminsky discovered that Firefox did not adequately inform users when security modules were added or removed via PKCS11. If a user visited a malicious website, an attacker could exploit this to trick the user into installing a malicious PKCS11 module. (CVE-2009-3076)

It was discovered that Firefox did not properly manage memory when using XUL tree elements. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3077)

Juan Pablo Lopez Yacubian discovered that Firefox did properly display certain Unicode characters in the location bar and other text fields when using a certain non-Ubuntu font. If a user configured Firefox to use this font, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3078)

It was discovered that the BrowserFeedWriter in Firefox could be subverted to run JavaScript code from web content with elevated chrome privileges. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3079).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://usn.ubuntu.com/821-1/

Plugin Details

Severity: Critical

ID: 40943

File Name: ubuntu_USN-821-1.nasl

Version: 1.18

Type: local

Agent: unix

Published: 2009/09/11

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:canonical:ubuntu_linux:abrowser, p-cpe:/a:canonical:ubuntu_linux:abrowser-3.0-branding, p-cpe:/a:canonical:ubuntu_linux:firefox, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-branding, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dev, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-dom-inspector, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-gnome-support, p-cpe:/a:canonical:ubuntu_linux:firefox-3.0-venkman, p-cpe:/a:canonical:ubuntu_linux:firefox-dev, p-cpe:/a:canonical:ubuntu_linux:firefox-dom-inspector, p-cpe:/a:canonical:ubuntu_linux:firefox-gnome-support, p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso, p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dev, p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-dom-inspector, p-cpe:/a:canonical:ubuntu_linux:firefox-granparadiso-gnome-support, p-cpe:/a:canonical:ubuntu_linux:firefox-libthai, p-cpe:/a:canonical:ubuntu_linux:firefox-trunk, p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dev, p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-dom-inspector, p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-gnome-support, p-cpe:/a:canonical:ubuntu_linux:firefox-trunk-venkman, p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9, p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dev, p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-dom-inspector, p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-gnome-support, p-cpe:/a:canonical:ubuntu_linux:xulrunner-1.9-venkman, p-cpe:/a:canonical:ubuntu_linux:xulrunner-dev, cpe:/o:canonical:ubuntu_linux:8.04:-:lts, cpe:/o:canonical:ubuntu_linux:8.10, cpe:/o:canonical:ubuntu_linux:9.04

Required KB Items: Host/cpu, Host/Ubuntu, Host/Ubuntu/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/09/10

Reference Information

CVE: CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074, CVE-2009-3075, CVE-2009-3076, CVE-2009-3077, CVE-2009-3078, CVE-2009-3079

BID: 36343

USN: 821-1

CWE: 20, 94