| Description: | Summary:
The remote host is missing an update for the 'mozilla'
package(s) announced via the referenced advisory.
Vulnerability Insight:
Security issues were identified and fixed in mozilla firefox and
thunderbird:
Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption
under certain circumstances, and we presume that with enough effort
at least some of these could be exploited to run arbitrary code
(CVE-2012-0468, CVE-2012-0467).
Using the Address Sanitizer tool, security researcher Aki Helin from
OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect
hashtable instead of being unlinked before being destroyed. When
it is destroyed, this causes a use-after-free, which is potentially
exploitable (CVE-2012-0469).
Using the Address Sanitizer tool, security researcher Atte Kettunen
from OUSPG found a heap corruption in gfxImageSurface which allows for
invalid frees and possible remote code execution. This happens due
to float error, resulting from graphics values being passed through
different number systems (CVE-2012-0470).
Anne van Kesteren of Opera Software found a multi-octet encoding
issue where certain octets will destroy the following octets in the
processing of some multibyte character sets. This can leave users
vulnerable to cross-site scripting (XSS) attacks on maliciously
crafted web pages (CVE-2012-0471).
Security research firm iDefense reported that researcher wushi of
team509 discovered a memory corruption on Windows Vista and Windows
7 systems with hardware acceleration disabled or using incompatible
video drivers. This is created by using cairo-dwrite to attempt to
render fonts on an unsupported code path. This corruption causes a
potentially exploitable crash on affected systems (CVE-2012-0472).
Mozilla community member Matias Juntunen discovered an error in
WebGLBuffer where FindMaxElementInSubArray receives wrong template
arguments from FindMaxUshortElement. This bug causes maximum index
to be computed incorrectly within WebGL.drawElements, allowing the
reading of illegal video memory (CVE-2012-0473).
Security researchers Jordi Chancel and Eddy Bordi reported that they
could short-circuit page loads to show the address of a different
site than what is loaded in the window in the addressbar. Security
researcher Chris McGowen independently reported the same flaw, and
further demonstrated that this could lead to loading scripts from
the attacker's site, leaving users vulnerable to cross-site scripting
(XSS) attacks (CVE-2012-0474 ...
Description truncated, please see the referenced URL(s) for more information.
Affected Software/OS:
mozilla on Mandriva Linux 2011.0,
Mandriva Linux 2010.1
Solution:
Please Install the Updated Packages.
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
