1 |
type: security |
2 |
subject: Updated firefox and thunderbird packages fix security vulnerabilities |
3 |
CVE: |
4 |
- CVE-2013-1701 |
5 |
- CVE-2013-1709 |
6 |
- CVE-2013-1710 |
7 |
- CVE-2013-1713 |
8 |
- CVE-2013-1714 |
9 |
- CVE-2013-1717 |
10 |
src: |
11 |
2: |
12 |
core: |
13 |
- firefox-17.0.8-1.mga2 |
14 |
- firefox-l10n-17.0.8-1.mga2 |
15 |
- thunderbird-17.0.8-1.mga2 |
16 |
- thunderbird-l10n-17.0.8-1.mga2 |
17 |
3: |
18 |
core: |
19 |
- firefox-17.0.8-1.mga3 |
20 |
- firefox-l10n-17.0.8-1.mga3 |
21 |
- thunderbird-17.0.8-1.mga3 |
22 |
- thunderbird-l10n-17.0.8-1.mga3 |
23 |
description: | |
24 |
Mozilla developers identified and fixed several memory safety |
25 |
bugs in the browser engine used in Firefox and other Mozilla-based |
26 |
products. Some of these bugs showed evidence of memory corruption under |
27 |
certain circumstances, and we presume that with enough effort at least |
28 |
some of these could be exploited to run arbitrary code (CVE-2013-1701). |
29 |
|
30 |
Mozilla security researcher moz_bug_r_a4 reported that through an |
31 |
interaction of frames and browser history it was possible to make |
32 |
the browser believe attacker-supplied content came from the location |
33 |
of a previous page in browser history. This allows for cross-site |
34 |
scripting (XSS) attacks by loading scripts from a misrepresented |
35 |
malicious site through relative locations and the potential access |
36 |
of stored credentials of a spoofed site (CVE-2013-1709). |
37 |
|
38 |
Mozilla security researcher moz_bug_r_a4 reported a mechanism to |
39 |
execute arbitrary code or a cross-site scripting (XSS) attack when |
40 |
Certificate Request Message Format (CRMF) request is generated in |
41 |
certain circumstances (CVE-2013-1710). |
42 |
|
43 |
Security researcher Cody Crews reported that some Javascript components |
44 |
will perform checks against the wrong uniform resource identifier |
45 |
(URI) before performing security sensitive actions. This will return |
46 |
an incorrect location for the originator of the call. This could be |
47 |
used to bypass same-origin policy, allowing for cross-site scripting |
48 |
(XSS) or the installation of malicious add-ons from third-party pages |
49 |
(CVE-2013-1713). |
50 |
|
51 |
Mozilla community member Federico Lanusse reported a mechanism where |
52 |
a web worker can violate same-origin policy and bypass cross-origin |
53 |
checks through XMLHttpRequest. This could allow for cross-site |
54 |
scripting (XSS) attacks by web workers (CVE-2013-1714). |
55 |
|
56 |
Security researcher Georgi Guninski reported an issue with Java |
57 |
applets where in some circumstances the applet could access files on |
58 |
the local system when loaded using the a file:/// URI and violate file |
59 |
origin policy due to interaction with the codebase parameter. This |
60 |
affects applets running on the local file system. Mozilla developer |
61 |
John Schoenick later discovered that fixes for this issue were |
62 |
inadequate and allowed the invocation of Java applets to bypass |
63 |
security checks in additional circumstances. This could lead to |
64 |
untrusted Java applets having read-only access on the local files |
65 |
system if used in conjunction with a method to download a file to a |
66 |
known or guessable path (CVE-2013-1717). |
67 |
references: |
68 |
- https://bugs.mageia.org/show_bug.cgi?id=10946 |
69 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-63.html |
70 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-68.html |
71 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-69.html |
72 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-72.html |
73 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-73.html |
74 |
- http://www.mozilla.org/security/announce/2013/mfsa2013-75.html |
75 |
- http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html |
76 |
- http://www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2013:210/ |
77 |
ID: MGASA-2013-0248 |