Executive Summary
| Summary | |
|---|---|
| Title | firefox security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2014:1635 | First vendor Publication | 2014-10-14 |
| Vendor | RedHat | Last vendor Modification | 2014-10-14 |
| Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Christian Holler, David Bolter, Byron Campen Jon Coppeard, Atte Kettunen, Holger Fuhrmannek, Abhishek Arya, regenrecht, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.2.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.2.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1152356 - CVE-2014-1574 Mozilla: Miscellaneous memory safety hazards (rv:31.2) (MFSA 2014-74) 1152358 - CVE-2014-1576 Mozilla: Buffer overflow during CSS manipulation (MFSA 2014-75) 1152359 - CVE-2014-1577 Mozilla: Web Audio memory corruption issues with custom waveforms (MFSA 2014-76) 1152361 - CVE-2014-1578 Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77) 1152363 - CVE-2014-1581 Mozilla: Use-after-free interacting with text directionality (MFSA 2014-79) 1152683 - CVE-2014-1583 Mozilla: Accessing cross-origin objects via the Alarms API (MFSA 2014-82) |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2014-1635.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:26899 | |||
| Oval ID: | oval:org.mitre.oval:def:26899 | ||
| Title: | RHSA-2014:1635: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Christian Holler, David Bolter, Byron Campen Jon Coppeard, Atte Kettunen, Holger Fuhrmannek, Abhishek Arya, regenrecht, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.2.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.2.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1635-00 CESA-2014:1635 CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26972 | |||
| Oval ID: | oval:org.mitre.oval:def:26972 | ||
| Title: | ELSA-2014-1647 -- thunderbird security update | ||
| Description: | [31.2.0-3.0.1.el6_5] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [31.2.0-3] - Enabled jemalloc on ppc(64) and s390(x) [31.2.0-2] - Update to 31.2.0 [31.1.1-2] - Sync preferences with Firefox [31.1.1-1] - Update to 31.1.1 [31.1.0-1] - Update to 31.1.0 [31.0-1] - Rebase to 31 ESR | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1647 CVE-2014-1574 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26973 | |||
| Oval ID: | oval:org.mitre.oval:def:26973 | ||
| Title: | USN-2372-1 -- Firefox vulnerabilities | ||
| Description: | Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1574">CVE-2014-1574</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1575">CVE-2014-1575</a>) Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1576">CVE-2014-1576</a>) Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1577">CVE-2014-1577</a>) Abhishek Arya discovered an out-of-bounds write when buffering WebM video in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1578">CVE-2014-1578</a>) Michal Zalewski discovered that memory may not be correctly initialized when rendering a malformed GIF in to a canvas in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1580">CVE-2014-1580</a>) A use-after-free was discovered during text layout in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1581">CVE-2014-1581</a>) Patrick McManus and David Keeler discovered 2 issues that could result in certificate pinning being bypassed in some circumstances. An attacker with a fraudulent certificate could potentially exploit this conduct a man in the middle attack. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1582">CVE-2014-1582</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1584">CVE-2014-1584</a>) Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing via WebRTC in iframes, where video continues to be shared after being stopped and navigating to a new site doesn't turn off the camera. An attacker could potentially exploit this to access the camera without the user being aware. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1585">CVE-2014-1585</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1586">CVE-2014-1586</a>) Boris Zbarsky discovered that webapps could use the Alarm API to read the values of cross-origin references. If a user were tricked in to installing a specially crafter webapp, an attacker could potentially exploit this to bypass same-origin restrictions. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1583">CVE-2014-1583</a>) | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2372-1 CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1580 CVE-2014-1581 CVE-2014-1582 CVE-2014-1584 CVE-2014-1585 CVE-2014-1586 CVE-2014-1583 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27134 | |||
| Oval ID: | oval:org.mitre.oval:def:27134 | ||
| Title: | ELSA-2014-1635 -- firefox security update | ||
| Description: | firefox [31.2.0-3.0.1.el7_0] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one [31.2.0-3] - Update to 31.2.0 ESR - Fix for mozbz#1042889 [31.1.0-7] - Enable WebM on all arches xulrunner [31.2.0-1.0.1] - Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js - Removed XULRUNNER_VERSION from SOURCE21 [31.2.0-1] - Update to 31.2.0 [31.1.0-3] - move /sdk/bin to xulrunner libdir [31.1.0-2] - Sync preferences with Firefox package [31.1.0-1] - Update to 31.1.0 ESR [31.0-2] - Fix header wrapper for aarch64 [31.0-1] - Update to 31.0 ESR | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1635 CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 Oracle Linux 7 | Product(s): | firefox xulrunner xulrunner-devel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27140 | |||
| Oval ID: | oval:org.mitre.oval:def:27140 | ||
| Title: | RHSA-2014:1647: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1577) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Christian Holler, David Bolter, Byron Campen Jon Coppeard, Holger Fuhrmannek, Abhishek Arya, and regenrecht as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 31.2.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 31.2.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1647-00 CESA-2014:1647 CVE-2014-1574 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-08-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_42c98cef62b14b8b9065f4621e08d526.nasl - Type : ACT_GATHER_INFO |
| 2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1510-1.nasl - Type : ACT_GATHER_INFO |
| 2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1458-3.nasl - Type : ACT_GATHER_INFO |
| 2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1458-2.nasl - Type : ACT_GATHER_INFO |
| 2015-05-27 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1458-1.nasl - Type : ACT_GATHER_INFO |
| 2015-04-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201504-01.nasl - Type : ACT_GATHER_INFO |
| 2014-12-18 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-784.nasl - Type : ACT_GATHER_INFO |
| 2014-11-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox31-201411-141115.nasl - Type : ACT_GATHER_INFO |
| 2014-11-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox31-201411-141105.nasl - Type : ACT_GATHER_INFO |
| 2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141015_thunderbird_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2014-11-04 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141015_firefox_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3061.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-614.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-613.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-612.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-611.nasl - Type : ACT_GATHER_INFO |
| 2014-11-03 | Name : The remote Fedora host is missing a security update. File : fedora_2014-14084.nasl - Type : ACT_GATHER_INFO |
| 2014-10-20 | Name : The remote Fedora host is missing a security update. File : fedora_2014-13042.nasl - Type : ACT_GATHER_INFO |
| 2014-10-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3050.nasl - Type : ACT_GATHER_INFO |
| 2014-10-17 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2014-1647.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2014-1647.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1635.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_9c1495ac8d8c4789a0f38ca6b476619c.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1635.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1647.nasl - Type : ACT_GATHER_INFO |
| 2014-10-16 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2373-1.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_31_2_esr.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2372-1.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1635.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_31_2.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_33.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_31_2_esr.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Mac OS X host contains a mail client that is affected by multiple ... File : macosx_thunderbird_31_2.nasl - Type : ACT_GATHER_INFO |
| 2014-10-15 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_33.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-10-21 17:28:18 |
|
| 2014-10-17 13:25:35 |
|
| 2014-10-16 13:25:51 |
|
| 2014-10-15 17:26:04 |
|
| 2014-10-15 09:21:57 |
|
