Executive Summary
Summary | |
---|---|
Title | Updated mozilla packages fix security issues |
Informations | |||
---|---|---|---|
Name | RHSA-2004:486 | First vendor Publication | 2004-09-30 |
Vendor | RedHat | Last vendor Modification | 2004-09-30 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated mozilla packages that fix a number of security issues are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Jesse Ruderman discovered a cross-domain scripting bug in Mozilla. If a user is tricked into dragging a javascript link into another frame or page, it becomes possible for an attacker to steal or modify sensitive information from that site. Additionally, if a user is tricked into dragging two links in sequence to another window (not frame), it is possible for the attacker to execute arbitrary commands. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0905 to this issue. Gael Delalleau discovered an integer overflow which affects the BMP handling code inside Mozilla. An attacker could create a carefully crafted BMP file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0904 to this issue. Georgi Guninski discovered a stack-based buffer overflow in the vCard display routines. An attacker could create a carefully crafted vCard file in such a way that it would cause Mozilla to crash or execute arbitrary code when viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0903 to this issue. Wladimir Palant discovered a flaw in the way javascript interacts with the clipboard. It is possible that an attacker could use malicious javascript code to steal sensitive data which has been copied into the clipboard. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0908 to this issue. Georgi Guninski discovered a heap based buffer overflow in the "Send Page" feature. It is possible that an attacker could construct a link in such a way that a user attempting to forward it could result in a crash or arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0902 to this issue. Users of Mozilla should update to these updated packages, which contain backported patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 133023 - CAN-2004-0902 "send page" heap based buffer overflow 133024 - CAN-2004-0902 "send page" heap based buffer overflow 133022 - CAN-2004-0908 javascript clipboard information leakage 133021 - CAN-2004-0908 javascript clipboard information leakage 133017 - CAN-2004-0903 VCard buffer overflow 133016 - CAN-2004-0903 VCard buffer overflow 133015 - CAN-2004-0904 BMP integer overflows 133014 - CAN-2004-0904 BMP integer overflows 133013 - CAN-2004-0905 javascript link dragging information leak 133012 - CAN-2004-0905 javascript link dragging information leak |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2004-486.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10378 | |||
Oval ID: | oval:org.mitre.oval:def:10378 | ||
Title: | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||
Description: | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0905 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10873 | |||
Oval ID: | oval:org.mitre.oval:def:10873 | ||
Title: | Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. | ||
Description: | Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0903 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10952 | |||
Oval ID: | oval:org.mitre.oval:def:10952 | ||
Title: | Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||
Description: | Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0904 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11201 | |||
Oval ID: | oval:org.mitre.oval:def:11201 | ||
Title: | Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. | ||
Description: | Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0902 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9745 | |||
Oval ID: | oval:org.mitre.oval:def:9745 | ||
Title: | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | ||
Description: | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows untrusted Javascript code to read and write to the clipboard, and possibly obtain sensitive information, via script-generated events such as Ctrl-Ins. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0908 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for Mozilla File : nvt/sles9p5012017.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200409-26 (Mozilla) File : nvt/glsa_200409_26.nasl |
2008-09-04 | Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird0.nasl |
2008-09-04 | Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird3.nasl |
2008-09-04 | Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird4.nasl |
2008-09-04 | Name : FreeBSD Ports: thunderbird File : nvt/freebsd_thunderbird5.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10528 | Mozilla Multiple Products Link non-ASCII Hostname Overflow |
10527 | Mozilla Multiple Products POP3 Response Overflow |
10526 | Mozilla Multiple Products Send Page Overflow |
10525 | Mozilla Multiple Products BMP Image Overflow |
10524 | Mozilla Multiple Products Javascript Drag and Drop XSS |
9968 | Mozilla Multiple Products nsMsgCompUtils.cpp Multiple Overflows A local overflow exists in Mozilla, Firefox and Thunderbird. The Send Page function fails to validate input received from the page to be sent resulting in a heap overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
9966 | Mozilla Multiple Products nsVCardObj.cpp writeGroup() Function Overflow A local overflow exists in Mozilla-based applications and Netscape Navigator. The writegroup() function of the nsVCardObj.cpp component fails to ensure parameters with group properties (eg, TEL.HOME) are an acceptable length, resulting in a stack-based overflow. With a specially crafted vCard, an attacker can cause a denial of service condition, and possibly code execution, resulting in a loss of availability and integrity. |
9965 | Mozilla Multiple Products Text Field Script Generation Arbitrary Clipboard Co... |
Snort® IPS/IDS
Date | Description |
---|---|
2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45172 - Revision : 1 - Type : BROWSER-FIREFOX |
2018-01-17 | Mozilla Firefox buffer overflow attempt RuleID : 45171 - Revision : 1 - Type : BROWSER-FIREFOX |
2014-01-10 | Microsoft Windows Bitmap width integer overflow multipacket attempt RuleID : 3634 - Revision : 9 - Type : WEB-CLIENT |
2014-01-10 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 3632 - Revision : 25 - Type : FILE-IMAGE |
2015-10-01 | Microsoft Windows Bitmap width integer overflow attempt RuleID : 35848 - Revision : 3 - Type : FILE-IMAGE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_93d6162f115311d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ab9c559e115a11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_b2e6d1d6133911d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_da690355115911d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2004-10-20 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-107.nasl - Type : ACT_GATHER_INFO |
2004-10-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-486.nasl - Type : ACT_GATHER_INFO |
2004-09-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200409-26.nasl - Type : ACT_GATHER_INFO |
2004-09-15 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_multiple_flaws.nasl - Type : ACT_GATHER_INFO |
2004-09-15 | Name : The remote host has an application that is affected by multiple flaws. File : thunderbird_multiple_flaws.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:48:41 |
|