drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in unity-firefox-extension
Name: |
Ausführen beliebiger Kommandos in unity-firefox-extension |
|
ID: |
USN-1639-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 12.10 |
|
Datum: |
Do, 22. November 2012, 20:49 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0960
https://launchpad.net/ubuntu/+source/unity-firefox-extension/2.4.1-0ubuntu1.1 |
|
Applikationen: |
unity-firefox-extension |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============3649529665688277400== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig30A05F030DD4F50BF94715E7"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig30A05F030DD4F50BF94715E7 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1639-1 November 22, 2012
unity-firefox-extension vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
unity-firefox-extension could be made to crash or run programs as your login if it opened a malicious website.
Software Description: - unity-firefox-extension: Firefox extension: Unity Integration
Details:
It was discovered that unity-firefox-extension incorrectly handled certain callbacks. A remote attacker could use this issue to cause unity-firefox-extension to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: xul-ext-unity 2.4.1-0ubuntu1.1
After a standard system update you need to restart Firefox to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1639-1 CVE-2012-0960
Package Information:
https://launchpad.net/ubuntu/+source/unity-firefox-extension/2.4.1-0ubuntu1.1
--------------enig30A05F030DD4F50BF94715E7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQrmvWAAoJEGVp2FWnRL6Tt8gP/3oBDyisLL3jXlZmyuCq6nDK 5DXCG03LZ6nE4RZUytGX6T3e2aHqq6ZgskwMMjm3YGTwALQYCKkLbxmxOckle6pr XvSF30MJeej6/0UBpJgcfcLK+9YDPoNjbXPT83gfufaWLM+Hiyzc91IxNogead0d qokAaH21x3wBThSw9fm9nVYpWasfQlZaV+HqPwDgd2yec7ulwwJHnI4LUEI2w5Kl 3Hl4cxXtvHX2K6yI/9FSsO/ui2n6M2j4m4dYkVQoT1L8QXtWTJq3rzng0sAIVK/N 84RfV1ynvpU8Vzk0vHsoCyz1hzFKzpelldwWZhetbewSobp7FETcvJpzFOvZx4C5 6tNxYJCRZNXwu1VmICRz8ydSCFkplv4Hd4pu4nosdjcwpSDIh39FCuHZZtiRjPgK j5A3E7EJO/jlTaWmNte8HRzckDJgv25YegRcZZIXutGW7+WZXyE5/KA1vQJu0JC4 Fge1N3FX/4X6a7z5eEndtCmZqUkB3HspN6u5P7wHxd6IS0vv3wObIrNJKZdG9W2P f/vpr0AkgTQj9/+kIPO4ez2rWrF2Q9GSrE1r+be9fwgRNDxT29lXpvq8vTmW9o9C zuNlAnhLFZ5EzjmVnlRqLzen3BLdW6yMLqJ66kcRrAdu4Ofr1Fqf0QG8djV4ikvy dGX+9RR07okwCrUpvnSy =xamd -----END PGP SIGNATURE-----
--------------enig30A05F030DD4F50BF94715E7--
--===============3649529665688277400== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3649529665688277400==--
|
|
|
|