From: SecuriTeam <support@securiteam.com.>
To: [email protected]
Date: 24 Mar 2005 18:14:24 +0200
Subject: [NEWS] Mozilla Platform's Code Execution Vulnerabilities
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20050324162229.71CD2582E@mail.tyumen.ru.>
X-Virus-Scanned: antivirus-gw at tyumen.ru
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Mozilla Platform's Code Execution Vulnerabilities
------------------------------------------------------------------------
SUMMARY
"The mission of the <www.mozilla.org> Mozilla project is to preserve
choice and innovation on the Internet."
Several vulnerabilities were identified in Mozilla Suite, Firefox and
Thunderbird, which may be exploited by attackers to execute arbitrary
commands or bypass certain security features.
DETAILS
Vulnerable Systems:
* Mozilla Firefox version 1.0.1 and prior
* Mozilla Suite version 1.7.5 and prior
* Mozilla Thunderbird version 1.0.1 and prior
Immune Systems:
* Mozilla Firefox version 1.0.2
* Mozilla Suite version 1.7.6
* Mozilla Thunderbird version 1.0.2
The first vulnerability is due to a heap overrun error when processing a
Netscape-specific extension block in GIF images, which may be exploited to
run arbitrary code on a vulnerable system via a web page or email message
containing a specially crafted GIF image.
The second flaw occurs if a user bookmarked a specially crafted page as a
Firefox sidebar panel, which could be exploited to execute arbitrary
programs by opening a privileged page and injecting JavaScript into it.
The third issue occurs when handling specially crafted XUL files, and may
be exploited to bypass the restriction on opening privileged XUL.
ADDITIONAL INFORMATION
The original article can be found at:
<http://www.k-otik.com/english/advisories/2005/0296>;
http://www.k-otik.com/english/advisories/2005/0296
<https://bugzilla.mozilla.org/show_bug.cgi?id=284627>
https://bugzilla.mozilla.org/show_bug.cgi?id=284627
<https://bugzilla.mozilla.org/show_bug.cgi?id=285595>
https://bugzilla.mozilla.org/show_bug.cgi?id=285595
<https://bugzilla.mozilla.org/show_bug.cgi?id=285438>
https://bugzilla.mozilla.org/show_bug.cgi?id=285438
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected]
In order to subscribe to the mailing list, simply forward this email to: [email protected]
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
