Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

ID: IRCAD2012031781
Release Date: 2012-03-14
Criticality level: Highly critical
Affected software:
Mozilla Firefox 10.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 10.x

Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
1) A use-after-free error exists within shlwapi.dll when closing a child window that uses the file open dialog.
2) An error when handling certain drag and drop actions can be exploited to conduct cross-site scripting attacks.
3) A use-after-free error exists within the "nsSMILTimeValueSpec::ConvertBetweenTimeContainers()" function when handling certain SVG animations.
4) An out-of-bounds read error in SVG filters can be exploited to disclose certain data.
5) An error when handling Content Security Policy headers can be exploited to conduct cross-site scripting attacks.
6) An error when handling a "javascript:" home page can be exploited to execute script code in the "about:sessionrestore" context.
7) An unspecified error exists when accessing a keyframe's cssText after dynamic modification.
8) The window.fullScreen property does not properly enforce the mozRequestFullscreen policy, which can be exploited to bypass the policy and spoof certain content.
9) Multiple unspecified errors can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1, #3, #6, #7, and #9 may allow execution of arbitrary code.
Update or upgrade to Firefox versions 11.0 or 10.0.3, Thunderbird versions 11.0 or 10.0.3, and SeaMonkey version 2.8.
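
The following is an added example, not part of the original advisory: a branch-aware check that sorts a software inventory against the affected and fixed versions listed above, so that 10.0.3 is recognised as fixed even though it is lower than 11.0. The inventory rows, hostnames and the handling of an "esr" suffix are assumptions made for illustration.

```python
import re

# Affected branch and fixed releases per product, as listed in the advisory.
ADVISORY = {
    "firefox":     {"affected_major": 10, "fixed": [(10, 0, 3), (11, 0)]},
    "thunderbird": {"affected_major": 10, "fixed": [(10, 0, 3), (11, 0)]},
    "seamonkey":   {"affected_major": 2,  "fixed": [(2, 8)]},
}

# Plain dotted digits, optionally followed by "esr" (assumed inventory format).
VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:esr)?", re.IGNORECASE)

def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not dotted digits."""
    m = VERSION_RE.fullmatch(text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def classify(product, version):
    """Return 'fixed', 'affected', 'not-listed' or 'unknown' for one installation."""
    entry = ADVISORY.get(product.strip().lower())
    if entry is None:
        return "not-listed"
    v = parse_version(version)
    if v is None:
        return "unknown"  # betas, nightlies, malformed strings: review by hand
    # Fixed if at or past the fix on its own branch, or at or past the newest fix.
    same_branch = any(v[0] == f[0] and v >= f for f in entry["fixed"])
    if same_branch or v >= max(entry["fixed"]):
        return "fixed"
    if v[0] == entry["affected_major"]:
        return "affected"
    return "not-listed"  # older branches are not covered by this advisory

def triage(inventory):
    """Keep only the rows that still need an update or a manual look."""
    rows = [(h, p, v, classify(p, v)) for h, p, v in inventory]
    return [r for r in rows if r[3] in ("affected", "unknown")]

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [
    ("ws-01", "Firefox", "10.0.2"),
    ("ws-02", "Firefox", "10.0.3esr"),
    ("ws-03", "Thunderbird", "11.0"),
    ("ws-04", "SeaMonkey", "2.7.2"),
    ("ws-05", "Firefox", "11.0b4"),
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(*row)
```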
