Mozilla Products Remote Code Execution and Security Bypass Vulnerabilities
SecPod ID: 10227
Status: Public Report
Severity: High
Release Date: 18-12-2008
CVSS Base Score: 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.4
Impact Level: Application
Affected Software/OS/Device:
- Mozilla Firefox version 3.0.4 and prior
- Mozilla Firefox version 2.0.0.18 and prior
- Mozilla SeaMonkey version 1.1.13 and prior
- Mozilla Thunderbird version 2.0.0.18 and prior
OpenVAS Plugin ID:
Snort Signature ID:
OVAL ID:
Vulnerability Insight:
Overview:
Mozilla Products are prone to Remote Code Execution and Security Bypass
Vulnerabilities.
Description:
These flaws are due to:
- Multiple errors in the layout and JavaScript engines which cause memory
corruption.
- An error while processing the "persist" XUL attribute, which can allow
cookie settings to be bypassed.
- A bug in chrome privilege handling which causes exposure of sensitive
information and bypass of the same-origin policy.
- An error in the feed preview functionality which can allow JavaScript code
execution with chrome privileges.
- An error while processing 'XMLHttpRequest' requests to a web server that
redirects the browser via a 302 HTTP status code.
- An error when processing URLs starting with whitespace or certain control
characters, which can cause a malicious URL to be rendered as a hyperlink.
- An error in the CSS parser when processing '\0' sequences, which allows
third-party script sanitization routines to be bypassed.
Impact:
Successful exploitation will let the attacker execute arbitrary code in the
context of the application, bypass certain security restrictions, disclose
sensitive information, conduct cross-site scripting attacks, or potentially
compromise a remote system.
CVSS Score Report:
ACCESS_VECTOR = NETWORK
ACCESS_COMPLEXITY = LOW
AUTHENTICATION = NOT_REQUIRED
CONFIDENTIALITY_IMPACT = COMPLETE
INTEGRITY_IMPACT = COMPLETE
AVAILABILITY_IMPACT = COMPLETE
EXPLOITABILITY = UNPROVEN
REMEDIATION_LEVEL = OFFICIAL_FIX
REPORT_CONFIDENCE = CONFIRMED
CVSS Base Score = 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.4
Risk factor = High
Fix:
Upgrade to Firefox version 3.0.5 or 2.0.0.19,
http://www.mozilla.com/firefox
Upgrade to Thunderbird version 2.0.0.19,
http://www.mozilla.com/thunderbird
Upgrade to Mozilla SeaMonkey version 1.1.14,
http://www.mozilla.org/projects/seamonkey
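As an added example (this is not SecPod's plugin code nor anything from Mozilla), the following Python checks an inventoried Mozilla product version against the affected and fixed versions listed in the Affected Software and Fix sections of this advisory. The product keys, the `assess` helper and the sample inventory lines are assumptions made for this illustration; the version thresholds are the advisory's own.

```python
# Added example: version check against this advisory's affected/fixed versions.
# Not SecPod or Mozilla code; product keys and sample inventory are assumptions.
import re
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Pairs of (last affected version, first fixed version) per product, copied
# from the Affected Software and Fix sections above.
ADVISORY = {
    "firefox": [("3.0.4", "3.0.5"), ("2.0.0.18", "2.0.0.19")],
    "seamonkey": [("1.1.13", "1.1.14")],
    "thunderbird": [("2.0.0.18", "2.0.0.19")],
}


def parse_version(text: str) -> Version:
    """Turn '2.0.0.18' into (2, 0, 0, 18); reject anything non-numeric so a
    malformed inventory entry fails loudly instead of comparing as 'fixed'."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", text):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in text.split("."))


def version_lt(a: Version, b: Version) -> bool:
    """Compare versions of unequal length by right-padding with zeros,
    so that 3.0 == 3.0.0 and 3.0 < 3.0.4."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)) < b + (0,) * (n - len(b))


def assess(product: str, version_text: str) -> Tuple[str, Optional[str]]:
    """Return ('vulnerable', upgrade_to), ('fixed', None) or ('not_covered', None).

    A version on a branch the advisory names (same first two components as a
    fixed version) is vulnerable iff it is older than that branch's fix.
    A version on an older branch falls under 'and prior' and is vulnerable;
    a version newer than every listed ceiling is outside this advisory."""
    product = product.lower()
    if product not in ADVISORY:
        raise ValueError(f"product not covered by this advisory: {product!r}")
    v = parse_version(version_text)
    entries = ADVISORY[product]
    for _last_affected, first_fixed in entries:
        fixed = parse_version(first_fixed)
        if v[:2] == fixed[:2]:
            if version_lt(v, fixed):
                return ("vulnerable", first_fixed)
            return ("fixed", None)
    ceiling = max(parse_version(last) for last, _ in entries)
    if version_lt(v, ceiling):
        newest_fix = max(entries, key=lambda e: parse_version(e[1]))[1]
        return ("vulnerable", newest_fix)
    return ("not_covered", None)


# Constructed sample inventory (host, product, version) for a stand-alone run.
SAMPLE_INVENTORY = [
    ("ws-01", "firefox", "3.0.4"),
    ("ws-02", "firefox", "3.0.5"),
    ("ws-03", "firefox", "2.0.0.18"),
    ("ws-04", "firefox", "1.5.0.12"),
    ("ws-05", "thunderbird", "2.0.0.19"),
    ("ws-06", "seamonkey", "1.1.13"),
]

if __name__ == "__main__":
    for host, product, version in SAMPLE_INVENTORY:
        status, upgrade = assess(product, version)
        note = f" -> upgrade to {upgrade}" if upgrade else ""
        print(f"{host}: {product} {version}: {status}{note}")
```

The branch match uses the first two version components because the advisory fixes two separate Firefox lines (3.0.x and 2.0.0.x) at different versions; a single "less than 3.0.5" test would wrongly report 2.0.0.19 as vulnerable.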
References:
http://secunia.com/advisories/33184
http://secunia.com/advisories/33203