Test ID:	1.3.6.1.4.1.25623.1.0.68231
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-975-1 (xulrunner-1.9.2)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xulrunner-1.9.2 announced via advisory USN-975-1. Details follow: Several dangling pointer vulnerabilities were discovered in Firefox. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2760, CVE-2010-2767, CVE-2010-3167) Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. If a user were tricked into viewing a malicious site, a remote attacker could use this to run arbitrary JavaScript with chrome privileges. (CVE-2010-2762) Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. If a user were tricked into viewing a malicious site, a remote attacker could use this to gather information about servers on internal private networks. (CVE-2010-2764) Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2765) Several issues were discovered in the browser engine. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-2766, CVE-2010-3168) David Huang and Collin Jackson discovered that the tag could override the charset of a framed HTML document in another origin. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-2768) Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. An attacker could utilize this to perform cross-site scripting attacks. (CVE-2010-2769) A buffer overflow was discovered in Firefox when processing text runs. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3166) Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. (CVE-2010-3169) Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: firefox-3.0 3.6.9+build1+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9.2 1.9.2.9+build1+nobinonly-0ubuntu0.8.04.1 Ubuntu 9.04: abrowser 3.6.9+build1+nobinonly-0ubuntu0.9.04.1 firefox-3.0 3.6.9+build1+nobinonly-0ubuntu0.9.04.1 xulrunner-1.9.2 1.9.2.9+build1+nobinonly-0ubuntu0.9.04.1 Ubuntu 9.10: firefox-3.5 3.6.9+build1+nobinonly-0ubuntu0.9.10.2 xulrunner-1.9.1 1.9.1.12+build1+nobinonly-0ubuntu0.9.10.2 xulrunner-1.9.2 1.9.2.9+build1+nobinonly-0ubuntu0.9.10.1 Ubuntu 10.04 LTS: abrowser 3.6.9+build1+nobinonly-0ubuntu0.10.04.1 firefox 3.6.9+build1+nobinonly-0ubuntu0.10.04.1 xulrunner-1.9.2 1.9.2.9+build1+nobinonly-0ubuntu0.10.04.1 After a standard system update you need to restart Firefox and any application that use Xulrunner to make all the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-975-1 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2760 Debian Security Information: DSA-2106 (Google Search) http://www.debian.org/security/2010/dsa-2106 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047282.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11799 http://secunia.com/advisories/42867 SuSE Security Announcement: SUSE-SA:2010:049 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00002.html http://www.vupen.com/english/advisories/2010/2323 http://www.vupen.com/english/advisories/2011/0061 XForce ISS Database: mozilla-nstreeselection-code-execution(61660) https://exchange.xforce.ibmcloud.com/vulnerabilities/61660 Common Vulnerability Exposure (CVE) ID: CVE-2010-2762 BugTraq ID: 43092 http://www.securityfocus.com/bid/43092 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11492 XForce ISS Database: firefox-sjow-code-exec(61656) https://exchange.xforce.ibmcloud.com/vulnerabilities/61656 Common Vulnerability Exposure (CVE) ID: CVE-2010-2764 BugTraq ID: 43104 http://www.securityfocus.com/bid/43104 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11684 XForce ISS Database: firefox-xmlhttprequest-info-disclosure(61662) https://exchange.xforce.ibmcloud.com/vulnerabilities/61662 Common Vulnerability Exposure (CVE) ID: CVE-2010-2765 BugTraq ID: 43095 http://www.securityfocus.com/bid/43095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11519 Common Vulnerability Exposure (CVE) ID: CVE-2010-2766 BugTraq ID: 43100 http://www.securityfocus.com/bid/43100 http://www.zerodayinitiative.com/advisories/ZDI-10-176/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11778 Common Vulnerability Exposure (CVE) ID: CVE-2010-2767 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11969 XForce ISS Database: mozilla-pointer-code-execution(61658) https://exchange.xforce.ibmcloud.com/vulnerabilities/61658 Common Vulnerability Exposure (CVE) ID: CVE-2010-2768 BugTraq ID: 43101 http://www.securityfocus.com/bid/43101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11735 Common Vulnerability Exposure (CVE) ID: CVE-2010-2769 BugTraq ID: 43106 http://www.securityfocus.com/bid/43106 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12192 Common Vulnerability Exposure (CVE) ID: CVE-2010-3166 BugTraq ID: 43102 http://www.securityfocus.com/bid/43102 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12186 Common Vulnerability Exposure (CVE) ID: CVE-2010-3167 BugTraq ID: 43097 http://www.securityfocus.com/bid/43097 http://www.zerodayinitiative.com/advisories/ZDI-10-171/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12136 XForce ISS Database: mozilla-nstreecontentview-code-execution(61661) https://exchange.xforce.ibmcloud.com/vulnerabilities/61661 Common Vulnerability Exposure (CVE) ID: CVE-2010-3168 BugTraq ID: 43108 http://www.securityfocus.com/bid/43108 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12001 XForce ISS Database: firefox-xultree-objects-code-exec(61653) https://exchange.xforce.ibmcloud.com/vulnerabilities/61653 Common Vulnerability Exposure (CVE) ID: CVE-2010-3169 BugTraq ID: 43118 http://www.securityfocus.com/bid/43118 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12145 XForce ISS Database: mozilla-safety-code-execution(61657) https://exchange.xforce.ibmcloud.com/vulnerabilities/61657
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.