| <?xml version="1.0" encoding="utf-8"?> |
| <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> |
| |
| <glsa id="200701-02"> |
| <title>Mozilla Firefox: Multiple vulnerabilities</title> |
| <synopsis> |
| Multiple vulnerabilities have been reported in Mozilla Firefox, some of |
| which may allow the remote execution of arbitrary code. |
| </synopsis> |
| <product type="ebuild">mozilla-firefox</product> |
| <announced>January 04, 2007</announced> |
| <revised>January 04, 2007: 01</revised> |
| <bug>156023</bug> |
| <access>remote</access> |
| <affected> |
| <package name="www-client/mozilla-firefox" auto="yes" arch="*"> |
| <unaffected range="ge">1.5.0.9</unaffected> |
| <vulnerable range="lt">1.5.0.9</vulnerable> |
| </package> |
| <package name="www-client/mozilla-firefox-bin" auto="yes" arch="*"> |
| <unaffected range="ge">1.5.0.9</unaffected> |
| <vulnerable range="lt">1.5.0.9</vulnerable> |
| </package> |
| </affected> |
| <background> |
| <p> |
| Mozilla Firefox is a popular open-source web browser from the Mozilla |
| Project. |
| </p> |
| </background> |
| <description> |
| <p> |
| An anonymous researcher found evidence of memory corruption in the way |
| Mozilla Firefox handles certain types of SVG comment DOM nodes. |
| Additionally, Frederik Reiss discovered a heap-based buffer overflow in |
| the conversion of a CSS cursor. Other issues with memory corruption |
| were also fixed. Mozilla Firefox also contains less severe |
| vulnerabilities involving JavaScript and Java. |
| </p> |
| </description> |
| <impact type="normal"> |
| <p> |
| An attacker could entice a user to view a specially crafted web page |
| that will trigger one of the vulnerabilities, possibly leading to the |
| execution of arbitrary code. It is also possible for an attacker to |
| perform cross-site scripting attacks, leading to the exposure of |
| sensitive information, like user credentials. |
| </p> |
| </impact> |
| <workaround> |
| <p> |
| There are no known workarounds for all the issues at this time. |
| </p> |
| </workaround> |
| <resolution> |
| <p> |
| All Mozilla Firefox users should upgrade to the latest version: |
| </p> |
| <code> |
| # emerge --sync |
| # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.9"</code> |
| <p> |
| All Mozilla Firefox binary release users should upgrade to the latest |
| version: |
| </p> |
| <code> |
| # emerge --sync |
| # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.9"</code> |
| </resolution> |
| <references> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6497">CVE-2006-6497</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6498">CVE-2006-6498</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6499">CVE-2006-6499</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6500">CVE-2006-6500</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6501">CVE-2006-6501</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6502">CVE-2006-6502</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6503">CVE-2006-6503</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6504">CVE-2006-6504</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6506">CVE-2006-6506</uri> |
| <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6507">CVE-2006-6507</uri> |
| </references> |
| <metadata tag="submitter" timestamp="Thu, 28 Dec 2006 15:30:23 +0000"> |
| falco |
| </metadata> |
| <metadata tag="bugReady" timestamp="Thu, 28 Dec 2006 16:10:02 +0000"> |
| falco |
| </metadata> |
| </glsa> |