English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 72151 CVE descriptions
and 38907 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59223
Category:Ubuntu Local Security Checks
Title:Ubuntu USN-535-1 (firefox)
Summary:Ubuntu USN-535-1 (firefox)
Description:
The remote host is missing an update to firefox
announced via advisory USN-535-1.

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

Details follow:

Various flaws were discovered in the layout and JavaScript engines.
By tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user's privileges. (CVE-2007-5336,
CVE-2007-5339, CVE-2007-5340)

Michal Zalewski discovered that the onUnload event handlers were
incorrectly able to access information outside the old page content.
A malicious web site could exploit this to modify the contents, or steal
confidential data (such as passwords), of the next loaded web page.
(CVE-2007-1095)

Stefano Di Paola discovered that Firefox did not correctly request
Digest Authentications. A malicious web site could exploit this to
inject arbitrary HTTP headers or perform session splitting attacks
against proxies. (CVE-2007-2292)

Flaws were discovered in the file upload form control. By tricking
a user into opening a malicious web page, an attacker could force
arbitrary files from the user's computer to be uploaded without their
consent. (CVE-2006-2894, CVE-2007-3511)

Eli Friedman discovered that XUL could be used to hide a window's
titlebar. A malicious web site could exploit this to enhance their
attempts at creating phishing web sites. (CVE-2007-5334)

Georgi Guninski discovered that Firefox would allow file-system based
web pages to access additional files. By tricking a user into opening
a malicious web page from a gnome-vfs location, an attacker could steal
arbitrary files from the user's computer. (CVE-2007-5337)

It was discovered that the XPCNativeWrappers were not safe in
certain situations. By tricking a user into opening a malicious
web page, an attacker could run arbitrary JavaScript with the user's
privileges. (CVE-2007-5338)

Solution:
The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
firefox 1.5.dfsg+1.5.0.14~
prepatch071011b-0ubuntu1

Ubuntu 6.10:
firefox 2.0.0.8+0dfsg-0ubuntu0.6.10

Ubuntu 7.04:
firefox 2.0.0.8+1nobinonly-0ubuntu1

Ubuntu 7.10:
firefox 2.0.0.8+2nobinonly-0ubuntu1

After a standard system upgrade you need to restart Firefox to affect
the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-535-1

Risk factor : Critical
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2006-2894
Bugtraq: 20070211 Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0166.html
Bugtraq: 20070212 Re: [Full-disclosure] Firefox focus stealing vulnerability (possibly other browsers) (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2007-02/0187.html
Bugtraq: 20071029 FLEA-2007-0062-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482925/100/0/threaded
Bugtraq: 20071026 rPSA-2007-0225-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482876/100/200/threaded
Bugtraq: 20071029 rPSA-2007-0225-2 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/482932/100/200/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046610.html
http://lists.virus.org/full-disclosure-0702/msg00225.html
http://lcamtuf.coredump.cx/focusbug/
http://www.gnucitizen.org/blog/browser-focus-rip
http://www.thanhngan.org/fflinuxversion.html
https://bugzilla.mozilla.org/show_bug.cgi?id=290478
https://bugzilla.mozilla.org/show_bug.cgi?id=56236
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2006:143
http://www.mandriva.com/security/advisories?name=MDKSA-2006:145
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://www.ubuntulinux.org/support/documentation/usn/usn-535-1
http://www.ubuntu.com/usn/usn-536-1
BugTraq ID: 18308
http://www.securityfocus.com/bid/18308
http://www.vupen.com/english/advisories/2006/2160
http://www.vupen.com/english/advisories/2006/2162
http://www.vupen.com/english/advisories/2006/2163
http://www.vupen.com/english/advisories/2006/2164
http://www.vupen.com/english/advisories/2007/3544
http://www.vupen.com/english/advisories/2008/0083
http://securitytracker.com/id?1018837
http://secunia.com/advisories/20442
http://secunia.com/advisories/20467
http://secunia.com/advisories/20470
http://secunia.com/advisories/20472
http://secunia.com/advisories/21532
http://secunia.com/advisories/27335
http://secunia.com/advisories/27383
http://secunia.com/advisories/27403
http://secunia.com/advisories/27387
http://secunia.com/advisories/27298
http://secunia.com/advisories/27414
http://securityreason.com/securityalert/1059
Common Vulnerability Exposure (CVE) ID: CVE-2007-1095
Bugtraq: 20070223 Firefox: onUnload tailgating (MSIE7 entrapment bug variant) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461007/100/0/threaded
Bugtraq: 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) (Google Search)
http://www.securityfocus.com/archive/1/archive/1/461023/100/0/threaded
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://lcamtuf.coredump.cx/ietrap/ff/
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
Debian Security Information: DSA-1396 (Google Search)
http://www.debian.org/security/2007/dsa-1396
Debian Security Information: DSA-1401 (Google Search)
http://www.debian.org/security/2007/dsa-1401
Debian Security Information: DSA-1392 (Google Search)
http://www.debian.org/security/2007/dsa-1392
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0981.html
BugTraq ID: 22688
http://www.securityfocus.com/bid/22688
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11665
http://www.vupen.com/english/advisories/2007/3587
http://osvdb.org/33809
http://secunia.com/advisories/27276
http://secunia.com/advisories/27325
http://secunia.com/advisories/27327
http://secunia.com/advisories/27356
http://secunia.com/advisories/27425
http://secunia.com/advisories/27480
http://secunia.com/advisories/27311
http://secunia.com/advisories/27315
http://secunia.com/advisories/27336
http://secunia.com/advisories/27665
http://secunia.com/advisories/27680
http://secunia.com/advisories/27360
http://secunia.com/advisories/28398
http://securityreason.com/securityalert/2310
XForce ISS Database: ie-mozilla-onunload-dos(32647)
http://xforce.iss.net/xforce/xfdb/32647
XForce ISS Database: ie-mozilla-onunload-url-spoofing(32649)
http://xforce.iss.net/xforce/xfdb/32649
Common Vulnerability Exposure (CVE) ID: CVE-2007-2292
Bugtraq: 20070425 IE 7 and Firefox Browsers Digest Authentication Request Splitting (Google Search)
http://www.securityfocus.com/archive/1/archive/1/466906/100/0/threaded
http://www.wisec.it/vulns.php?id=11
https://bugzilla.mozilla.org/show_bug.cgi?id=378787
BugTraq ID: 23668
http://www.securityfocus.com/bid/23668
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10195
http://www.securitytracker.com/id?1017968
http://securityreason.com/securityalert/2654
XForce ISS Database: firefox-lf-response-splitting(33981)
http://xforce.iss.net/xforce/xfdb/33981
Common Vulnerability Exposure (CVE) ID: CVE-2007-3511
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
http://yathong.googlepages.com/FirefoxFocusBug.html
http://sla.ckers.org/forum/read.php?3,13142
BugTraq ID: 24725
http://www.securityfocus.com/bid/24725
http://osvdb.org/37994
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9763
http://secunia.com/advisories/25904
XForce ISS Database: firefox-focus-security-bypass(35299)
http://xforce.iss.net/xforce/xfdb/35299
Common Vulnerability Exposure (CVE) ID: CVE-2007-5334
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
CERT/CC vulnerability note: VU#349217
http://www.kb.cert.org/vuls/id/349217
BugTraq ID: 26132
http://www.securityfocus.com/bid/26132
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11482
XForce ISS Database: mozilla-xul-page-spoofing(37286)
http://xforce.iss.net/xforce/xfdb/37286
Common Vulnerability Exposure (CVE) ID: CVE-2007-5335
http://osvdb.org/42470
XForce ISS Database: firefox-addmicrosummary-info-disclosure(37428)
http://xforce.iss.net/xforce/xfdb/37428
Common Vulnerability Exposure (CVE) ID: CVE-2007-5336
Common Vulnerability Exposure (CVE) ID: CVE-2007-5337
https://bugzilla.mozilla.org/show_bug.cgi?id=381146
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11443
XForce ISS Database: mozilla-sftp-file-access(37287)
http://xforce.iss.net/xforce/xfdb/37287
Common Vulnerability Exposure (CVE) ID: CVE-2007-5338
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10965
http://securitytracker.com/id?1018836
XForce ISS Database: mozilla-xpcnativewrapper-code-execution(37288)
http://xforce.iss.net/xforce/xfdb/37288
Common Vulnerability Exposure (CVE) ID: CVE-2007-5339
https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322,330563,341858,344064,348126,354645,361745,362901,378670,378682,379799,382376,384105,386382,386914,387033,387460,387844,391974,392285,393770,394014,394418
Debian Security Information: DSA-1391 (Google Search)
http://www.debian.org/security/2007/dsa-1391
http://security.gentoo.org/glsa/glsa-200711-24.xml
HPdes Security Advisory: HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
HPdes Security Advisory: SSRT061236
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1
SuSE Security Announcement: SUSE-SR:2008:002 (Google Search)
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
CERT/CC vulnerability note: VU#559977
http://www.kb.cert.org/vuls/id/559977
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10459
http://www.vupen.com/english/advisories/2007/3545
http://www.vupen.com/english/advisories/2007/4272
http://www.vupen.com/english/advisories/2008/0082
http://www.vupen.com/english/advisories/2008/0643
http://securitytracker.com/id?1018834
http://securitytracker.com/id?1018835
http://secunia.com/advisories/27313
http://secunia.com/advisories/27326
http://secunia.com/advisories/27704
http://secunia.com/advisories/28179
http://secunia.com/advisories/28363
http://secunia.com/advisories/28636
http://secunia.com/advisories/27744
XForce ISS Database: mozilla-multiple-browser-code-execution(37281)
http://xforce.iss.net/xforce/xfdb/37281
Common Vulnerability Exposure (CVE) ID: CVE-2007-5340
https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309,387955,390078,393537
CERT/CC vulnerability note: VU#755513
http://www.kb.cert.org/vuls/id/755513
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9622
XForce ISS Database: mozilla-multiple-java-code-execution(37282)
http://xforce.iss.net/xforce/xfdb/37282
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 38907 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.