1. Server >
  2. Unix Server >
  3. USN-3260-1: Firefox vulnerabilities


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

USN-3260-1: Firefox vulnerabilities

RSS Kategorie Pfeil Unix Server vom | Quelle: ubuntu.com Direktlink öffnen

Ubuntu Security Notice USN-3260-1

21st April, 2017

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Software description

  • firefox - Mozilla Open Source web browser

Details

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, obtain sensitive
information, spoof the addressbar contents or other UI elements, escape
the sandbox to read local files, conduct cross-site scripting (XSS)
attacks, cause a denial of service via application crash, or execute
arbitrary code. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432,
CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437,
CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442,
CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447,
CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5453, CVE-2017-5454,
CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460,
CVE-2017-5461, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467,
CVE-2017-5468, CVE-2017-5469)

A flaw was discovered in the DRBG number generation in NSS. If an
attacker were able to perform a man-in-the-middle attack, this flaw
could potentially be exploited to view sensitive information.
(CVE-2017-5462)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.04:
firefox 53.0+build6-0ubuntu0.17.04.1
Ubuntu 16.10:
firefox 53.0+build6-0ubuntu0.16.10.1
Ubuntu 16.04 LTS:
firefox 53.0+build6-0ubuntu0.16.04.1
Ubuntu 14.04 LTS:
firefox 53.0+build6-0ubuntu0.14.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5453, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5458, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5468, CVE-2017-5469

...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu USN-3260-1: Firefox vulnerabilities






Ähnliche Beiträge

  • 1. Pacom 1000 CCI/RTU GMS Spoofing [CVE-2014-3260] vom 197.61 Punkte ic_school_black_18dp
    Allgemein scipID: 79948 Betroffen: Pacom 1000 CCI/RTU GMS Veröffentlicht: 31.12.2015 Risiko: kritisch Erstellt: 02.01.2016 Eintrag: 63.7% komplett Beschreibung In Pacom 1000 CCI sowie RTU GMS – eine genaue Versionsangabe ist nicht m&o
  • 2. r/linux Discusses: Web Browsers and You - How to protect yourself online and bring about a free and open web vom 146.33 Punkte ic_school_black_18dp
    Google, who makes their money from Ads, is planning to remove a key component that allows adblocking to be effective in Google Chrome standard edition. While there will still be adblockers on the Chrome/Blink platform they will not work as well as othe
  • 3. USN-3260-2: Firefox regression vom 143.1 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3260-2 11th May, 2017 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary USN-3260-1 caused a regres
  • 4. USN-2917-2: Firefox regressions vom 123.08 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 5. USN-2917-2: Firefox regressions vom 123.08 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 6. USN-2917-2: Firefox regressions vom 123.08 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 7. USN-2917-3: Firefox regressions vom 123.08 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-3 19th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 8. Microsoft Edge Scripting Engine Pufferüberlauf [CVE-2016-3260] vom 118.57 Punkte ic_school_black_18dp
    Es wurde eine Schwachstelle in Microsoft Edge - die betroffene Version ist nicht klar definiert - ausgemacht. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Scripting Engine. Mit der Manipulation mit einer unbekann
  • 9. USN-3991-3: Firefox regression vom 110.51 Punkte ic_school_black_18dp
    firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN-3991-2 caused a regression in Firefox Software Description firefox - Mozilla Open So
  • 10. USN-2917-1: Firefox vulnerabilities vom 107.95 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-1 9th March, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or r
  • 11. USN-2833-1: Firefox vulnerabilities vom 100.82 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2833-1 15th December, 2015 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could
  • 12. USN-2936-3: Firefox regression vom 98.1 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2936-3 18th May, 2016 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2936-1 introduced a re