NASLDB: USN-1463-3 : firefox regressions
General
ID: 59640
Name: USN-1463-3 : firefox regressions
Summary: Checks dpkg output for updated package(s)
Credits: –
Classification
Risk: –
CVSS: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Base Vector: –
CVSS Temporal Vector: –
Port: 0
Family: Ubuntu Local Security Checks
Type: Local
Description
USN-1463-1 fixed vulnerabilities in Firefox. The new package caused a
regression in the rendering of Hebrew text and the ability of the
Hotmail inbox to auto-update. This update fixes the problem.

Original advisory details:

Jesse Ruderman, Igor Bukanov, Bill McCloskey, Christian Holler,
Andrew McCreight, Olli Pettay, Boris Zbarsky, and Brian Bondy
discovered memory safety issues affecting Firefox. If the user were
tricked into opening a specially crafted page, an attacker could
possibly exploit these to cause a denial of service via application
crash, or potentially execute code with the privileges of the user
invoking Firefox. (CVE-2012-1937, CVE-2012-1938)

It was discovered that Mozilla’s WebGL implementation exposed a bug
in certain NVIDIA graphics drivers. The impact of this issue has not
been disclosed at this time. (CVE-2011-3101)

Adam Barth discovered that certain inline event handlers were not
being blocked properly by the Content Security Policy’s (CSP)
inline-script blocking feature. Web applications relying on this
feature of CSP to protect against cross-site scripting (XSS) were not
fully protected. With cross-site scripting vulnerabilities, if a user
were tricked into viewing a specially crafted page, a remote attacker
could exploit this to modify the contents, or steal confidential
data, within the same domain. (CVE-2012-1944)

Paul Stone discovered that a viewed HTML page hosted on a Windows or
Samba share could load Windows shortcut files (.lnk) in the same
share. These shortcut files could then link to arbitrary locations on
the local file system of the individual loading the HTML page. An
attacker could potentially use this vulnerability to show the
contents of these linked files or directories in an iframe, resulting
in information disclosure. (CVE-2012-1945)

Arthur Gerkis discovered a use-after-free vulnerability while
replacing/inserting a node in a document. If the user were tricked
into opening a specially crafted page, an attacker could possibly
exploit this to cause a denial of service via application crash, or
potentially execute code with the privileges of the user invoking
Firefox. (CVE-2012-1946)

Kaspar Brand discovered a vulnerability in how the Network Security
Services (NSS) ASN.1 decoder handles zero length items. If the user
were tricked into opening a specially crafted page, an attacker could
possibly exploit this to cause a denial of service via application
crash. (CVE-2012-0441)

Abhishek Arya discovered two buffer overflow and one use-after-free
vulnerabilities. If the user were tricked into opening a specially
crafted page, an attacker could possibly exploit these to cause a
denial of service via application crash, or potentially execute code
with the privileges of the user invoking Firefox. (CVE-2012-1940,
CVE-2012-1941, CVE-2012-1947)
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2011-3101
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2012/06/20
Plugin Release: 2012/06/21
Plugin
Version: 1.3
Filename: ubuntu_USN-1463-3.nasl
Filesize: 5729 bytes
MD5 Hash: f1cea3045d30e1aedbd6d08aebebf7dd
Identification: Host/local_checks_enabled
Require Keys: "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"
Dependencies: "ssh_get_info.nasl"
Copyright: –