Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

Number: IRCAD2014033209
Date: 2014/03/19
Software:
Mozilla Firefox 24.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 24.x
Description
Some vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
1) Some unspecified errors exist, which can be exploited to cause memory corruption.
2) A boundary error when decoding WAV audio files can be exploited to cause an out-of-bounds read memory access.
3) An error related to the permission prompt for a WebRTC session can be exploited to spoof the prompt and subsequently gain otherwise restricted access to the webcam or microphone.
4) An error when handling certain WebGL content can be exploited to e.g. spoof another site's WebGL context.
The vulnerabilities #3 and #4 affect SeaMonkey only.
5) An error when performing polygon rendering in MathML can be exploited to cause an out-of-bounds read memory access.
6) A timing error when processing SVG format images with filters and displacements can be exploited to potentially disclose text values across domains.
7) An error related to certain WebIDL-implemented APIs can be exploited to load otherwise inaccessible privileged pages.
8) A use-after-free error when handling garbage collection of TypeObjects under memory pressure can be exploited to cause memory corruption.
9) An error within the TypedArrayObject implementation when handling neutered ArrayBuffer objects can be exploited to cause an out-of-bounds read or write memory access.
10) An error within the TypedArrayObject implementation when copying values into a neutered array can be exploited to cause an out-of-bounds write memory access.
Successful exploitation of vulnerabilities #1 and #8 through #10 may allow execution of arbitrary code.
The vulnerabilities are reported in Firefox ESR versions prior to 24.4, Thunderbird versions prior to 24.4, and SeaMonkey versions prior to 2.25.
Solution:
Update to a fixed version.
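To find installs that still need the update, the following added example (not part of the original advisory) checks an inventory against the fixed releases named above. The inventory rows, host names and function names are constructed for illustration, and the Firefox entry assumes ESR builds.

```python
import re

# Fixed releases and affected branches, both taken from the advisory text.
FIXED = {"firefox": (24, 4), "thunderbird": (24, 4), "seamonkey": (2, 25)}
AFFECTED_BRANCH = {"firefox": 24, "thunderbird": 24, "seamonkey": 2}

_VERSION_RE = re.compile(r"\d+(?:\.\d+)*")


def parse_version(text):
    """Return the leading dotted number of a version string as an int tuple.

    Suffixes such as "esr" are ignored; None is returned if no digits lead.
    """
    match = _VERSION_RE.match(text.strip())
    if not match:
        return None
    return tuple(int(part) for part in match.group().split("."))


def classify(product, version_text):
    """Classify one install as 'vulnerable', 'fixed', 'not-covered' or 'unknown'."""
    name = product.strip().lower()
    version = parse_version(version_text)
    if name not in FIXED or version is None:
        return "unknown"
    if version[0] != AFFECTED_BRANCH[name]:
        # The advisory only speaks about the 24.x / 2.x branches.
        return "not-covered"
    # Tuple comparison is numeric per component, so 2.3 < 2.25 and 24.10 > 24.4.
    return "vulnerable" if version < FIXED[name] else "fixed"


def triage(inventory):
    """Return the (host, product, version) rows that need the update."""
    return [row for row in inventory if classify(row[1], row[2]) == "vulnerable"]


# Constructed sample inventory (hosts and versions are made up for the example).
SAMPLE_INVENTORY = [
    ("ws-01", "Firefox", "24.3.0esr"),
    ("ws-02", "Firefox", "24.4.0esr"),
    ("ws-03", "SeaMonkey", "2.3"),
    ("ws-04", "Thunderbird", "24.10"),
    ("ws-05", "Firefox", "17.0.11esr"),
]

if __name__ == "__main__":
    for host, product, version in triage(SAMPLE_INVENTORY):
        print(f"{host}: {product} {version} is below the fixed release")
```

Installs reported as "not-covered" are on a branch the advisory does not mention and need a separate check against the vendor's own advisories.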
Resources:
secunia:
 

Date created: 8 Farvardin 1393
