Executive Summary
Summary | |
---|---|
Title | Firefox vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-1306-1 | First vendor Publication | 2012-01-06 |
Vendor | Ubuntu | Last vendor Modification | 2012-01-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.10 - Ubuntu 11.04 Summary: Several security issues were fixed in Firefox. Software Description: - firefox: Mozilla Open Source web browser Details: Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. (CVE-2011-3660) Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. (CVE-2011-3661) It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. An attacker could potentially exploit this vulnerability to crash Firefox. (CVE-2011-3658) Mario Heiderich discovered it was possible to use SVG animation accessKey events to detect key strokes even when JavaScript was disabled. A malicious web page could potentially exploit this to trick a user into interacting with a prompt thinking it came from the browser in a context where the user believed scripting was disabled. (CVE-2011-3663) It was discovered that it was possible to crash Firefox when scaling an OGG Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.10: Ubuntu 11.04: After a standard system update you need to restart Firefox to make all the necessary changes. References: Package Information: |
Original Source
Url : http://www.ubuntu.com/usn/USN-1306-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
75 % | CWE-399 | Resource Management Errors |
25 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14226 | |||
Oval ID: | oval:org.mitre.oval:def:14226 | ||
Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors. | ||
Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3660 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14424 | |||
Oval ID: | oval:org.mitre.oval:def:14424 | ||
Title: | YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript. | ||
Description: | YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3661 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14640 | |||
Oval ID: | oval:org.mitre.oval:def:14640 | ||
Title: | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling. | ||
Description: | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3665 | Version: | 22 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14664 | |||
Oval ID: | oval:org.mitre.oval:def:14664 | ||
Title: | The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements. | ||
Description: | The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3658 | Version: | 20 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:14739 | |||
Oval ID: | oval:org.mitre.oval:def:14739 | ||
Title: | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page by using SVG animation accessKey events within that web page. | ||
Description: | Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-3663 | Version: | 23 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15139 | |||
Oval ID: | oval:org.mitre.oval:def:15139 | ||
Title: | USN-1306-1 -- Firefox vulnerabilities | ||
Description: | firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1306-1 CVE-2011-3660 CVE-2011-3661 CVE-2011-3658 CVE-2011-3663 CVE-2011-3665 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 | Product(s): | Firefox |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15140 | |||
Oval ID: | oval:org.mitre.oval:def:15140 | ||
Title: | USN-1343-1 -- Thunderbird vulnerabilities | ||
Description: | thunderbird: Mozilla Open Source mail and newsgroup client Several security issues were fixed in Thunderbird. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1343-1 CVE-2011-3660 CVE-2011-3661 CVE-2011-3658 CVE-2011-3663 CVE-2011-3665 | Version: | 5 |
Platform(s): | Ubuntu 11.10 | Product(s): | Thunderbird |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15302 | |||
Oval ID: | oval:org.mitre.oval:def:15302 | ||
Title: | USN-1306-2 -- Mozvoikko and ubufox update | ||
Description: | mozvoikko: Finnish spell-checker extension for Firefox | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1306-2 CVE-2011-3660 CVE-2011-3661 CVE-2011-3658 CVE-2011-3663 CVE-2011-3665 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 | Product(s): | Mozvoikko |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Firefox DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2012-08-02 | Name : SuSE Update for seamonkey openSUSE-SU-2012:0007-1 (seamonkey) File : nvt/gb_suse_2012_0007_1.nasl |
2012-08-02 | Name : SuSE Update for seamonkey openSUSE-SU-2012:0039-1 (seamonkey) File : nvt/gb_suse_2012_0039_1.nasl |
2012-08-02 | Name : SuSE Update for MozillaFirefox openSUSE-SU-2012:0039-2 (MozillaFirefox) File : nvt/gb_suse_2012_0039_2.nasl |
2012-03-26 | Name : Ubuntu Update for thunderbird USN-1401-2 File : nvt/gb_ubuntu_USN_1401_2.nasl |
2012-03-22 | Name : Ubuntu Update for xulrunner-1.9.2 USN-1401-1 File : nvt/gb_ubuntu_USN_1401_1.nasl |
2012-03-16 | Name : Ubuntu Update for thunderbird USN-1343-1 File : nvt/gb_ubuntu_USN_1343_1.nasl |
2012-01-09 | Name : Ubuntu Update for firefox USN-1306-1 File : nvt/gb_ubuntu_USN_1306_1.nasl |
2012-01-09 | Name : Ubuntu Update for mozvoikko USN-1306-2 File : nvt/gb_ubuntu_USN_1306_2.nasl |
2011-12-22 | Name : Mozilla Products DOMAttrModified Memory Corruption Vulnerability (MAC OS X) File : nvt/secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_macosx.nasl |
2011-12-22 | Name : Mozilla Products DOMAttrModified Memory Corruption Vulnerability (Windows) File : nvt/secpod_mozilla_prdts_domattr_modified_mem_crptn_vuln_win.nasl |
2011-12-22 | Name : Mozilla Products Multiple Vulnerabilities - Dec 11 (MAC OS X) File : nvt/secpod_mozilla_prdts_mult_vuln_macosx_dec11.nasl |
2011-12-22 | Name : Mozilla Products Multiple Vulnerabilities - Dec 11 (Windows) File : nvt/secpod_mozilla_prdts_mult_vuln_win_dec11.nasl |
0000-00-00 | Name : FreeBSD Ports: firefox File : nvt/freebsd_firefox60.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
77956 | Mozilla Multiple Product Large OGG <video> Element Handling Remote DoS |
77954 | Mozilla Multiple Product SVG Animation accessKey Event Handling Disabled Java... |
77953 | Mozilla Multiple Product DOMAttrModified SVG Element Handling Out-of-bounds M... |
77952 | Mozilla Multiple Product Multiple Unspecified Remote Memory Corruption |
77951 | Mozilla Multiple Product YARR Regular Expression Library Javascript Parsing R... |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Firefox nSSVGValue memory corruption attempt RuleID : 23054 - Revision : 3 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_seamonkey-111221.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_MozillaFirefox-111221.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_seamonkey-111221.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-254.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-175.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2011-101.nasl - Type : ACT_GATHER_INFO |
2013-01-08 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201301-01.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-192.nasl - Type : ACT_GATHER_INFO |
2012-03-26 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1401-2.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1401-1.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1343-1.nasl - Type : ACT_GATHER_INFO |
2012-01-09 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1306-1.nasl - Type : ACT_GATHER_INFO |
2012-01-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1306-2.nasl - Type : ACT_GATHER_INFO |
2011-12-21 | Name : The remote Mac OS X host contains an email client that is potentially affecte... File : macosx_thunderbird_9_0.nasl - Type : ACT_GATHER_INFO |
2011-12-21 | Name : The remote Mac OS X host contains a web browser that is potentially affected ... File : macosx_firefox_9_0.nasl - Type : ACT_GATHER_INFO |
2011-12-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e3ff776b2ba611e193c60011856a6e37.nasl - Type : ACT_GATHER_INFO |
2011-12-20 | Name : The remote Windows host contains a web browser that is affected by several vu... File : seamonkey_26.nasl - Type : ACT_GATHER_INFO |
2011-12-20 | Name : The remote Windows host contains a mail client that is potentially affected b... File : mozilla_thunderbird_90.nasl - Type : ACT_GATHER_INFO |
2011-12-20 | Name : The remote Windows host contains a web browser that is potentially affected b... File : mozilla_firefox_90.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:59:26 |
|