Ubuntu Security Notice 1822-1 - Multiple memory safety issues were discovered in Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Cody Crews discovered that some constructors could be used to bypass restrictions enforced by their Chrome Object Wrapper (COW). An attacker could exploit this to conduct cross-site scripting (XSS) attacks. Various other issues were also addressed.
ac25ce948a4dcc634750fd0f1b4fedb6a05de4dbbdb5cdf815be15b301fcf801
============================================================================
Ubuntu Security Notice USN-1822-1
May 14, 2013
firefox vulnerabilities
============================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
Firefox could be made to crash or run programs as your login if it
opened a malicious website.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
Multiple memory safety issues were discovered in Firefox. If the user were
tricked into opening a specially crafted page, an attacker could possibly
exploit these to cause a denial of service via application crash, or
potentially execute code with the privileges of the user invoking Firefox.
(CVE-2013-0801, CVE-2013-1669)
Cody Crews discovered that some constructors could be used to bypass
restrictions enforced by their Chrome Object Wrapper (COW). An attacker
could exploit this to conduct cross-site scripting (XSS) attacks.
(CVE-2013-1670)
It was discovered that the file input element could expose the full local
path under certain conditions. An attacker could potentially exploit this
to steal sensitive information. (CVE-2013-1671)
A use-after-free was discovered when resizing video content whilst it is
playing. An attacker could potentially exploit this to execute code with
the privileges of the user invoking Firefox. (CVE-2013-1674)
It was discovered that some DOMSVGZoomEvent functions could be used
without being properly initialized, which could lead to information
leakage. (CVE-2013-1675)
Abhishek Arya discovered multiple memory safety issues in Firefox. If
the user were tricked into opening a specially crafted page, an attacker
could possibly exploit these to cause a denial of service via application
crash, or potentially execute code with the privileges of the user
invoking Firefox. (CVE-2013-1676, CVE-2013-1677, CVE-2013-1678,
CVE-2013-1679, CVE-2013-1680, CVE-2013-1681)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
firefox 21.0+build2-0ubuntu0.13.04.2
Ubuntu 12.10:
firefox 21.0+build2-0ubuntu0.12.10.2
Ubuntu 12.04 LTS:
firefox 21.0+build2-0ubuntu0.12.04.3
After a standard system update you need to restart Firefox to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1822-1
CVE-2013-0801, CVE-2013-1669, CVE-2013-1670, CVE-2013-1671,
CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677,
CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681,
https://launchpad.net/bugs/1178277
Package Information:
https://launchpad.net/ubuntu/+source/firefox/21.0+build2-0ubuntu0.13.04.2
https://launchpad.net/ubuntu/+source/firefox/21.0+build2-0ubuntu0.12.10.2
https://launchpad.net/ubuntu/+source/firefox/21.0+build2-0ubuntu0.12.04.3