Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
TitleNew Mozilla Firefox packages fix several vulnerabilities
Informations
NameDSA-1161First vendor Publication2006-08-29
VendorDebianLast vendor Modification2006-09-13
Severity (Vendor) N/ARevision2

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The latest security updates of Mozilla Firefox introduced a regression that led to a disfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text:

Several security related problems have been discovered in Mozilla and derived products like Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities:

CVE-2006-3805

The Javascript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50]

CVE-2006-3806

Multiple integer overflows in the Javascript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50]

CVE-2006-3807

Specially crafted Javascript allows remote attackers to execute arbitrary code. [MFSA-2006-51]

CVE-2006-3808

Remote AutoConfig (PAC) servers could execute code with elevated privileges via a specially crafted PAC script. [MFSA-2006-52]

CVE-2006-3809

Scripts with the UniversalBrowserRead privilege could gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data. [MFSA-2006-53]

CVE-2006-3811

Multiple vulnerabilities allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. [MFSA-2006-55]

For the stable distribution (sarge) these problems have been fixed in version 1.0.4-2sarge11.

For the unstable distribution (sid) these problems have been fixed in version 1.5.dfsg+1.5.0.5-1.

We recommend that you upgrade your mozilla-firefox package.

Original Source

Url : http://www.debian.org/security/2006/dsa-1161

CWE : Common Weakness Enumeration

idName
CWE-189Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10690
 
Oval ID: oval:org.mitre.oval:def:10690
Title: The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.
Description: The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used.
Family: unix Class: vulnerability
Reference(s): CVE-2006-3805
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11232
 
Oval ID: oval:org.mitre.oval:def:11232
Title: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Description: Multiple integer overflows in the Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving (1) long strings in the toSource method of the Object, Array, and String objects; and (2) unspecified "string function arguments."
Family: unix Class: vulnerability
Reference(s): CVE-2006-3806
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10374
 
Oval ID: oval:org.mitre.oval:def:10374
Title: Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
Description: Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to execute arbitrary code via script that changes the standard Object() constructor to return a reference to a privileged object and calling "named JavaScript functions" that use the constructor.
Family: unix Class: vulnerability
Reference(s): CVE-2006-3807
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10845
 
Oval ID: oval:org.mitre.oval:def:10845
Title: Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
Description: Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig (PAC) servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object.
Family: unix Class: vulnerability
Reference(s): CVE-2006-3808
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9753
 
Oval ID: oval:org.mitre.oval:def:9753
Title: Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.
Description: Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows scripts with the UniversalBrowserRead privilege to gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data by reading into a privileged context.
Family: unix Class: vulnerability
Reference(s): CVE-2006-3809
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9934
 
Oval ID: oval:org.mitre.oval:def:9934
Title: Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
Description: Multiple vulnerabilities in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Javascript that leads to memory corruption, including (1) nsListControlFrame::FireMenuItemActiveEvent, (2) buffer overflows in the string class in out-of-memory conditions, (3) table row and column groups, (4) "anonymous box selectors outside of UA stylesheets," (5) stale references to "removed nodes," and (6) running the crypto.generateCRMFRequest callback on deleted context.
Family: unix Class: vulnerability
Reference(s): CVE-2006-3811
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application5
Application4
Application3

OpenVAS Exploits

DateDescription
2009-05-05Name : HP-UX Update for Thunderbird HPSBUX02156
File : nvt/gb_hp_ux_HPSBUX02156.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200608-02 (SeaMonkey)
File : nvt/glsa_200608_02.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200608-03 (Firefox)
File : nvt/glsa_200608_03.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200608-04 (Thunderbird)
File : nvt/glsa_200608_04.nasl
2008-09-04Name : FreeBSD Ports: firefox
File : nvt/freebsd_firefox24.nasl
2008-01-17Name : Debian Security Advisory DSA 1159-1 (mozilla-thunderbird)
File : nvt/deb_1159_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1159-2 (mozilla-thunderbird)
File : nvt/deb_1159_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1160-1 (mozilla)
File : nvt/deb_1160_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1160-2 (mozilla)
File : nvt/deb_1160_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1161-1 (mozilla-firefox)
File : nvt/deb_1161_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1161-2 (mozilla-firefox)
File : nvt/deb_1161_2.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
27577Mozilla Multiple Products Removed Node Reference Unspecified Code Execution
27576Mozilla Multiple Products crypto.generateCRMFRequest Deleted Context Code Exe...
27575Mozilla Multiple Products Anonymous Box Selector Unspecified Code Execution
27574Mozilla Multiple Products Table Row/Column Group Unspecified Code Execution
27573Mozilla Multiple Products String Class Out-of-memory Code Execution
27572Mozilla Multiple Products nsListControlFrame::FireMenuItemActiveEvent Arbitra...
27571Mozilla Multiple Products String Function Objects Unspecified Overflow
27570Mozilla Multiple Products toSource Method Overflow
27569Mozilla Multiple Products Garbage Collection Temporary Object Handling Arbitr...
27568Mozilla Multiple Products Standard Object() Constructor Manipulation Privileg...
27567Mozilla Multiple Products PAC Script FindProxyForURL Function Privilege Escal...
27566Mozilla Multiple Products UniversalXPConnect Privilege Escalation

Snort® IPS/IDS

DateDescription
2014-01-10Mozilla Firefox Javascript engine function arguments memory corruption attempt
RuleID : 18262 - Revision : 4 - Type : BROWSER-FIREFOX
2014-01-10Mozilla Firefox Javascript engine String.toSource memory corruption attempt
RuleID : 18261 - Revision : 4 - Type : BROWSER-FIREFOX

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2006-0733.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2006-0735.nasl - Type : ACT_GATHER_INFO
2007-12-13Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-1960.nasl - Type : ACT_GATHER_INFO
2007-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-327-1.nasl - Type : ACT_GATHER_INFO
2007-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-329-1.nasl - Type : ACT_GATHER_INFO
2007-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-350-1.nasl - Type : ACT_GATHER_INFO
2007-11-10Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-361-1.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote openSUSE host is missing a security update.
File : suse_MozillaThunderbird-1924.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-1952.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-1981.nasl - Type : ACT_GATHER_INFO
2006-12-16Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-143.nasl - Type : ACT_GATHER_INFO
2006-12-16Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-146.nasl - Type : ACT_GATHER_INFO
2006-12-06Name : The remote host is missing Sun Security Patch number 120672-08
File : solaris9_x86_120672.nasl - Type : ACT_GATHER_INFO
2006-12-06Name : The remote host is missing Sun Security Patch number 120672-08
File : solaris8_x86_120672.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119115-35
File : solaris10_119115.nasl - Type : ACT_GATHER_INFO
2006-11-06Name : The remote host is missing Sun Security Patch number 119116-35
File : solaris10_x86_119116.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1159.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1160.nasl - Type : ACT_GATHER_INFO
2006-10-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1161.nasl - Type : ACT_GATHER_INFO
2006-08-30Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0594.nasl - Type : ACT_GATHER_INFO
2006-08-07Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2006-0608.nasl - Type : ACT_GATHER_INFO
2006-08-07Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200608-02.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200608-03.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200608-04.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO
2006-08-04Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO
2006-07-29Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO
2006-07-29Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO
2006-07-28Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0608.nasl - Type : ACT_GATHER_INFO
2006-07-28Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e2a926641d6011db88cf000c6ec775d9.nasl - Type : ACT_GATHER_INFO
2006-07-27Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_1505.nasl - Type : ACT_GATHER_INFO
2006-07-27Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_1505.nasl - Type : ACT_GATHER_INFO
2006-07-27Name : A web browser on the remote host is prone to multiple flaws.
File : seamonkey_103.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:26:09
  • Multiple Updates