 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.72044 |
| Category: | Mandrake Local Security Checks |
| Title: | Mandriva Security Advisory MDVSA-2012:066 (mozilla) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to mozilla announced via advisory MDVSA-2012:066. Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2012-0468, CVE-2012-0467). Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable (CVE-2012-0469). Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. This happens due to float error, resulting from graphics values being passed through different number systems (CVE-2012-0470). Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. This can leave users vulnerable to cross-site scripting (XSS) attacks on maliciously crafted web pages (CVE-2012-0471). Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. This is created by using cairo-dwrite to attempt to render fonts on an unsupported code path. This corruption causes a potentially exploitable crash on affected systems (CVE-2012-0472). Mozilla community member Matias Juntunen discovered an error in WebGLBuffer where FindMaxElementInSubArray receives wrong template arguments from FindMaxUshortElement. This bug causes maximum index to be computed incorrectly within WebGL.drawElements, allowing the reading of illegal video memory (CVE-2012-0473). Security researchers Jordi Chancel and Eddy Bordi reported that they could short-circuit page loads to show the address of a different site than what is loaded in the window in the addressbar. Security researcher Chris McGowen independently reported the same flaw, and further demonstrated that this could lead to loading scripts from the attacker' s site, leaving users vulnerable to cross-site scripting (XSS) attacks (CVE-2012-0474). Security researcher Masato Kinugawa found that during the decoding of ISO-2022-KR and ISO-2022-CN character sets, characters near 1024 bytes are treated incorrectly, either doubling or deleting bytes. On certain pages it might be possible for an attacker to pad the output of the page such that these errors fall in the right place to affect the structure of the page, allowing for cross-site script (XSS) injection (CVE-2012-0477). Mozilla community member Ms2ger found an image rendering issue with WebGL when texImage2D uses use JSVAL_TO_OBJECT on arbitrary objects. This can lead to a crash on a maliciously crafted web page. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution (CVE-2012-0478). Mateusz Jurczyk of the Google Security Team discovered an off-by-one error in the OpenType Sanitizer using the Address Sanitizer tool. This can lead to an out-of-bounds read and execution of an uninitialized function pointer during parsing and possible remote code execution (CVE-2011-3062). Security researcher Jeroen van der Gun reported that if RSS or Atom XML invalid content is loaded over HTTPS, the addressbar updates to display the new location of the loaded resource, including SSL indicators, while the main window still displays the previously loaded content. This allows for phishing attacks where a malicious page can spoof the identify of another seemingly secure site (CVE-2012-0479). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions which is unaffected by these security flaws. Additionally the SQLite packages has been upgraded to the 3.7.11 version and the cairo packages has been patched to work with firefox and thunderbird 12.0 for Mandriva Linux 2011. Affected: 2010.1, 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:066 http://www.mozilla.org/security/announce/2012/mfsa2012-20.html http://www.mozilla.org/security/announce/2012/mfsa2012-22.html http://www.mozilla.org/security/announce/2012/mfsa2012-23.html http://www.mozilla.org/security/announce/2012/mfsa2012-24.html http://www.mozilla.org/security/announce/2012/mfsa2012-25.html http://www.mozilla.org/security/announce/2012/mfsa2012-26.html http://www.mozilla.org/security/announce/2012/mfsa2012-27.html http://www.mozilla.org/security/announce/2012/mfsa2012-29.html http://www.mozilla.org/security/announce/2012/mfsa2012-30.html http://www.mozilla.org/security/announce/2012/mfsa2012-31.html http://www.mozilla.org/security/announce/2012/mfsa2012-33.html Risk factor : High |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-0468 BugTraq ID: 53221 http://www.securityfocus.com/bid/53221 http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 http://www.mandriva.com/security/advisories?name=MDVSA-2012:081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16771 http://secunia.com/advisories/48972 http://secunia.com/advisories/49047 http://secunia.com/advisories/49055 Common Vulnerability Exposure (CVE) ID: CVE-2012-0467 BugTraq ID: 53223 http://www.securityfocus.com/bid/53223 Debian Security Information: DSA-2457 (Google Search) http://www.debian.org/security/2012/dsa-2457 Debian Security Information: DSA-2458 (Google Search) http://www.debian.org/security/2012/dsa-2458 Debian Security Information: DSA-2464 (Google Search) http://www.debian.org/security/2012/dsa-2464 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17074 http://secunia.com/advisories/48920 http://secunia.com/advisories/48922 Common Vulnerability Exposure (CVE) ID: CVE-2012-0469 BugTraq ID: 53220 http://www.securityfocus.com/bid/53220 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16734 Common Vulnerability Exposure (CVE) ID: CVE-2012-0470 BugTraq ID: 53225 http://www.securityfocus.com/bid/53225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16989 Common Vulnerability Exposure (CVE) ID: CVE-2012-0471 BugTraq ID: 53219 http://www.securityfocus.com/bid/53219 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16961 Common Vulnerability Exposure (CVE) ID: CVE-2012-0472 BugTraq ID: 53218 http://www.securityfocus.com/bid/53218 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17067 Common Vulnerability Exposure (CVE) ID: CVE-2012-0473 BugTraq ID: 53231 http://www.securityfocus.com/bid/53231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16113 Common Vulnerability Exposure (CVE) ID: CVE-2012-0474 BugTraq ID: 53228 http://www.securityfocus.com/bid/53228 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16107 Common Vulnerability Exposure (CVE) ID: CVE-2012-0477 BugTraq ID: 53229 http://www.securityfocus.com/bid/53229 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16889 XForce ISS Database: firefox-iso2022kr-xss(75154) https://exchange.xforce.ibmcloud.com/vulnerabilities/75154 Common Vulnerability Exposure (CVE) ID: CVE-2012-0478 BugTraq ID: 53227 http://www.securityfocus.com/bid/53227 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16893 XForce ISS Database: firefox-teximage2d-dos(75155) https://exchange.xforce.ibmcloud.com/vulnerabilities/75155 Common Vulnerability Exposure (CVE) ID: CVE-2011-3062 http://osvdb.org/80740 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15488 http://www.securitytracker.com/id?1026877 http://secunia.com/advisories/48618 http://secunia.com/advisories/48691 http://secunia.com/advisories/48763 XForce ISS Database: chrome-sanitizer-code-exec(74412) https://exchange.xforce.ibmcloud.com/vulnerabilities/74412 Common Vulnerability Exposure (CVE) ID: CVE-2012-0479 BugTraq ID: 53224 http://www.securityfocus.com/bid/53224 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17011 XForce ISS Database: firefox-rss-spoofing(75156) https://exchange.xforce.ibmcloud.com/vulnerabilities/75156 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |