Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2012:8226

Overview

Id SUSE-2012:8226
Name Novell SUSE 2012:8226 firefox-201207 security update for SLE 10 SP4 i586
Vendor Name novell
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 19 Jul 2012 12:00:00

SUSE-2012:8226

Novell SUSE 2012:8226 firefox-201207 security update for SLE 10 SP4 i586

Vendor Name

novell

Product

None

Released On

19 Jul 2012 12:00:00

Url

http://www.novell.com/support/search.do?usemicrosite=true&searchString=96da6f10cbe978aeccb3ac8d9d6b7ef8

Description

LSAC(v2)
MozillaFirefox have been updated to the 10.0.6ESR security release fixing various bugs and several security issues, some critical. The ollowing security issues have been fixed: * MFSA 2012-42: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * CVE-2012-1948: Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey reported memory safety problems and crashes that affect Firefox ESR 10 and Firefox 13. * MFSA 2012-43 / CVE-2012-1950: Security researcher Mario Gomes andresearch firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the addressbar by canceling the page load. This causes the address of the previously site entered to be displayed in the addressbar instead of the currently loaded page. This could lead to potential phishing attacks on users. * MFSA 2012-44 Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues: two use-after-free problems, one out of bounds read bug, and a bad cast. The first use-afte.r-free problem is caused when an array of nsSMILTimeValueSpec objects is destroyed but attempts are made to call into objects in this array later. The second use-after-free problem is in nsDocument::AdoptNode when it adopts into an empty document and then adopts into another document, emptying the first one. The heap buffer overflow is in ElementAnimations when data is read off of end of an array and then pointers are dereferenced. The bad cast happens when nsTableFrame::InsertFrames is called with frames in aFrameList that are a mix of row group frames and column group frames. AppendFrames is not able to handle this mix. All four of these issues are potentially exploitable. o CVE-2012-1951: Heap-use-after-free in nsSMILTimeValueSpec::IsEventBased o CVE-2012-1954: Heap-use-after-free in nsDocument::AdoptNode o CVE-2012-1953: Out of bounds read in ElementAnimations::EnsureStyleRuleFor o CVE-2012-1952: Bad cast in nsTableFrame::InsertFrames * MFSA 2012-45 / CVE-2012-1955: Security researcher Mariusz Mlynski reported an issue with spoofing of the location property. In this issue, calls to history.forward and history.back are used to navigate to a site while displaying the previous site in the addressbar but changing the baseURI to the newer site. This can be used for phishing by allowing the user input form or other data on the newer, attacking, site while appearing to be on the older, displayed site. * MFSA 2012-46 / CVE-2012-1966: Mozilla security researcher moz_bug_r_a4 reported a cross-site scripting (XSS) attack through the context menu using a data: URL. In this issue, context menu functionality ("View Image", "Show only this frame", and "View background image") are disallowed in a javascript: URL but allowed in a data: URL, allowing for XSS. This can lead to arbitrary code execut

Related Resources

Related Vulnerabilities

CVE-2012-1967   CVE-2012-1948   CVE-2012-1949   CVE-2012-1951   CVE-2012-1952   CVE-2012-1953   CVE-2012-1954   CVE-2012-1966   CVE-2012-1958   CVE-2012-1959   CVE-2012-1962   CVE-2012-1950   CVE-2012-1955   CVE-2012-1957   CVE-2012-1961   CVE-2012-1963   CVE-2012-1964   CVE-2012-1965   CVE-2012-1960  

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:14:28