Advisories MDVSA-2010:125: firefox

[paul]

Security issues were identified and fixed in firefox:

 

An unspecified function in the JavaScript implementation in Mozilla

Firefox creates and exposes a temporary footprint when there is

a current login to a web site, which makes it easier for remote

attackers to trick a user into acting upon a spoofed pop-up message,

aka an in-session phishing attack. (CVE-2008-5913).

 

The JavaScript implementation in Mozilla Firefox 3.x allows remote

attackers to send selected keystrokes to a form field in a hidden

frame, instead of the intended form field in a visible frame, via

certain calls to the focus method (CVE-2010-1125).

 

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function

in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,

Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote

attackers to execute arbitrary code via a DOM node with a long text

value that triggers a heap-based buffer overflow (CVE-2010-1196).

 

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and

SeaMonkey before 2.0.5, does not properly handle situations in which

both Content-Disposition: attachment and Content-Type: multipart are

present in HTTP headers, which allows remote attackers to conduct

cross-site scripting (XSS) attacks via an uploaded HTML document

(CVE-2010-1197).

 

Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10

and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote

attackers to execute arbitrary code via vectors involving multiple

plugin instances (CVE-2010-1198).

 

Integer overflow in the XSLT node sorting implementation in Mozilla

Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before

3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute

arbitrary code via a large text value for a node (CVE-2010-1199).

 

Multiple unspecified vulnerabilities in the browser engine in Mozilla

Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird

before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to

cause a denial of service (memory corruption and application crash)

or possibly execute arbitrary code via unknown vectors (CVE-2010-1200).

 

Multiple unspecified vulnerabilities in the JavaScript engine in

Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird

before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to

cause a denial of service (memory corruption and application crash)

or possibly execute arbitrary code via unknown vectors (CVE-2010-1202).

 

Multiple unspecified vulnerabilities in the JavaScript engine in

Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause

a denial of service (memory corruption and application crash) or

possibly execute arbitrary code via unknown vectors (CVE-2010-1203).

 

Packages for 2008.0 and 2009.0 are provided as of the Extended

Maintenance Program. Please visit this link to learn more:

http://store.mandriva.com/product_info.php?cPath=149&products_id=490

 

Additionally, some packages which require so, have been rebuilt and

are being provided as updates.