1. Server >
  2. Unix Server >
  3. USN-2917-1: Firefox vulnerabilities


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

USN-2917-1: Firefox vulnerabilities

RSS Kategorie Pfeil Unix Server vom | Quelle: ubuntu.com Direktlink öffnen

Ubuntu Security Notice USN-2917-1

9th March, 2016

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Software description

  • firefox - Mozilla Open Source web browser

Details

Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2016-1950)

Bob Clary, Christoph Diehl, Christian Holler, Andrew McCreight, Daniel
Holbert, Jesse Ruderman, Randell Jesup, Carsten Book, Gian-Carlo Pascutto,
Tyson Smith, Andrea Marchesini, and Jukka Jylänki discovered multiple
memory safety issues in Firefox. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit these to
cause a denial of service via application crash, or execute arbitrary code
with the privileges of the user invoking Firefox. (CVE-2016-1952,
CVE-2016-1953)

Nicolas Golubovic discovered that CSP violation reports can be used to
overwrite local files. If a user were tricked in to opening a specially
crafted website with addon signing disabled and unpacked addons installed,
an attacker could potentially exploit this to gain additional privileges.
(CVE-2016-1954)

Muneaki Nishimura discovered that CSP violation reports contained full
paths for cross-origin iframe navigations. An attacker could potentially
exploit this to steal confidential data. (CVE-2016-1955)

Ucha Gobejishvili discovered that performing certain WebGL operations
resulted in memory resource exhaustion with some Intel GPUs, requiring
a reboot. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial
of service. (CVE-2016-1956)

Jose Martinez and Romina Santillan discovered a memory leak in
libstagefright during MPEG4 video file processing in some circumstances.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
memory exhaustion. (CVE-2016-1957)

Abdulrahman Alqabandi discovered that the addressbar could be blank or
filled with page defined content in some circumstances. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to conduct URL spoofing attacks. (CVE-2016-1958)

Looben Yang discovered an out-of-bounds read in Service Worker Manager. If
a user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2016-1959)

A use-after-free was discovered in the HTML5 string parser. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2016-1960)

A use-after-free was discovered in the SetBody function of HTMLDocument.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2016-1961)

Dominique Hazaël-Massieux discovered a use-after-free when using multiple
WebRTC data channels. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to cause a
denial of service via application crash, or execute arbitrary code with
the privileges of the user invoking Firefox. (CVE-2016-1962)

It was discovered that Firefox crashes when local files are modified
whilst being read by the FileReader API. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2016-1963)

Nicolas Grégoire discovered a use-after-free during XML transformations.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2016-1964)

Tsubasa Iinuma discovered a mechanism to cause the addressbar to display
an incorrect URL, using history navigations and the Location protocol
property. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to conduct URL
spoofing attacks. (CVE-2016-1965)

A memory corruption issues was discovered in the NPAPI subsystem. If
a user were tricked in to opening a specially crafted website with a
malicious plugin installed, an attacker could potentially exploit this
to cause a denial of service via application crash, or execute arbitrary
code with the privileges of the user invoking Firefox. (CVE-2016-1966)

Jordi Chancel discovered a same-origin-policy bypass when using
performance.getEntries and history navigation with session restore. If
a user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to steal confidential data. (CVE-2016-1967)

Luke Li discovered a buffer overflow during Brotli decompression in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking Firefox. (CVE-2016-1968)

Ronald Crane discovered a use-after-free in GetStaticInstance in WebRTC.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
application crash, or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2016-1973)

Ronald Crane discovered an out-of-bounds read following a failed
allocation in the HTML parser in some circumstances. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2016-1974)

Holger Fuhrmannek, Tyson Smith and Holger Fuhrmannek reported multiple
memory safety issues in the Graphite 2 library. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit these to cause a denial of service via application crash, or
execute arbitrary code with the privileges of the user invoking Firefox.
(CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792,
CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797,
CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.10:
firefox 45.0+build2-0ubuntu0.15.10.1
Ubuntu 14.04 LTS:
firefox 45.0+build2-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox 45.0+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart Firefox to make
all the necessary changes.

References

CVE-2016-1950, CVE-2016-1952, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1967, CVE-2016-1968, CVE-2016-1973, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802

...

Webseite öffnen Komplette Webseite öffnen

Newsbewertung

Kommentiere zu USN-2917-1: Firefox vulnerabilities






Ähnliche Beiträge

  • 1. USN-2917-2: Firefox regressions vom 192.16 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 2. USN-2917-2: Firefox regressions vom 192.16 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 3. USN-2917-2: Firefox regressions vom 192.16 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-2 7th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 4. USN-2917-3: Firefox regressions vom 192.16 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-3 19th April, 2016 firefox regressions A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2917-1 introduced several regressions in Fir
  • 5. Circle with Disney 2.0.1 Notification Network Packet OS Command Injection erweiterte Rechte vom 153.5 Punkte ic_school_black_18dp
    Es wurde eine Schwachstelle in Circle with Disney 2.0.1 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es eine unbekannte Funktion der Komponente Notification Handler. Durch Beeinflussen durch Network Packet kann eine erweiterte Rechte-Sch
  • 6. r/linux Discusses: Web Browsers and You - How to protect yourself online and bring about a free and open web vom 150.83 Punkte ic_school_black_18dp
    Google, who makes their money from Ads, is planning to remove a key component that allows adblocking to be effective in Google Chrome standard edition. While there will still be adblockers on the Chrome/Blink platform they will not work as well as othe
  • 7. USN-2917-1: Firefox vulnerabilities vom 133 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2917-1 9th March, 2016 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could be made to crash or r
  • 8. IBM TRIRIGA Applications bis 10.4/10.5.0 Notification Password Information Disclosure vom 131.57 Punkte ic_school_black_18dp
    Eine problematische Schwachstelle wurde in IBM TRIRIGA Applications bis 10.4/10.5.0 ausgemacht. Hierbei geht es um eine unbekannte Funktion der Komponente Notification. Durch das Manipulieren mit einer unbekannten Eingabe kann eine Information Disclosure-S
  • 9. USN-2833-1: Firefox vulnerabilities vom 103.72 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2833-1 15th December, 2015 firefox vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 15.04 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Firefox could
  • 10. USN-2936-3: Firefox regression vom 100.62 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2936-3 18th May, 2016 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2936-1 introduced a re
  • 11. USN-2880-2: Firefox regression vom 95.53 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-2880-2 8th February, 2016 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2880-1 introduced a regression in
  • 12. USN-3175-2: Firefox regression vom 89.58 Punkte ic_school_black_18dp
    Ubuntu Security Notice USN-3175-2 6th February, 2017 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-3175-1 intr