
Firefox hit by multiple drive-by download flaws


EmptyTimCup
10-28-2009, 03:55 PM
:yikes:



Firefox hit by multiple drive-by download flaws (http://blogs.zdnet.com/security/?p=4758&tag=nl.e589)

Posted by Ryan Naraine @ 7:34 am

* MFSA 2009-64 (Critical) — Crashes with evidence of memory corruption. Four different vulnerabilities were documented. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
* MFSA 2009-63 (Critical) — Mozilla upgraded several third party libraries used in media rendering to address multiple memory safety and stability bugs identified by members of the Mozilla community. Some of the bugs discovered could potentially be used by an attacker to crash a victim’s browser and execute arbitrary code on their computer. liboggz, libvorbis, and liboggplay were all upgraded to address these issues. Three different vulnerabilities were documented.
* MFSA 2009-59 (Critical) — A heap-based buffer overflow in Mozilla’s string to floating point number conversion routines allows an attacker to craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim’s computer.
* MFSA 2009-57 (Critical) — The XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web content, potentially executing malicious JavaScript code with chrome privileges.
* MFSA 2009-56 (Critical) — A heap-based buffer overflow in Mozilla’s GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim’s browser and run arbitrary code on their computer. This flaw does not affect products built on the Gecko 1.8 browser engine such as Thunderbird 2.
* MFSA 2009-54 (Critical) — Recursive creation of JavaScript web-workers can be used to create a set of objects whose memory could be freed prior to their use. These conditions often result in a crash which could potentially be used by an attacker to run arbitrary code on a victim’s computer. Web Workers were introduced in Firefox 3.5 so this vulnerability did not affect earlier releases such as Firefox 3.

ylexot
10-28-2009, 04:52 PM
Guess I'll be running the upgrade now instead of waiting for the end of the day...

