Sicherheit: Mehrere Probleme in Mozilla Firefox

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============2139069202913760781==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="Q6DUBhV3tp5dc48UQIThLruBEH1d8M6qE"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Q6DUBhV3tp5dc48UQIThLruBEH1d8M6qE
Content-Type: text/plain; charset=windows-125
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2424-1
December 02, 2014

firefox vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Firefox could be made to crash or run programs as your login if it
opened a malicious website.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas
Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric
Rescorla, and Xidorn Quan discovered multiple memory safety issues in
Firefox. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit these to cause a denial of service
via application crash, or execute arbitrary code with the privileges of
the user invoking Firefox. (CVE-2014-1587, CVE-2014-1588)

Cody Crews discovered a way to trigger chrome-level XBL bindings from web
content in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
bypass security restrictions. (CVE-2014-1589)

Joe Vennix discovered a crash when using XMLHttpRequest in some
circumstances. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service. (CVE-2014-1590)

Muneaki Nishimura discovered that CSP violation reports did not remove
path information in some circumstances. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to obtain sensitive information. (CVE-2014-1591)

Berend-Jan Wever discovered a use-after-free during HTML parsing. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1592)

Abhishek Arya discovered a buffer overflow when parsing media content. If
a user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via
application crash or execute arbitrary code with the privileges of the
user invoking Firefox. (CVE-2014-1593)

Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the
compositor. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause undefined
behaviour, a denial of service via application crash or execute abitrary
code with the privileges of the user invoking Firefox. (CVE-2014-1594)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
firefox 34.0+build2-0ubuntu0.14.10.2

Ubuntu 14.04 LTS:
firefox 34.0+build2-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
firefox 34.0+build2-0ubuntu0.12.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2424-1
CVE-2014-1587, CVE-2014-1588, CVE-2014-1589, CVE-2014-1590,
CVE-2014-1591, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594

Package Information:
https://launchpad.net/ubuntu/+source/firefox/34.0+build2-0ubuntu0.14.10.2
https://launchpad.net/ubuntu/+source/firefox/34.0+build2-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/firefox/34.0+build2-0ubuntu0.12.04.1

--Q6DUBhV3tp5dc48UQIThLruBEH1d8M6qE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUfd6rAAoJEGEfvezVlG4PG5kIAJ9o0mXUFL7nJicWlKV/WWS4
brzBMkQBnL61j+3NM59+adhTEk5a3cP6Cff9daEWLN+izkHwJrZKXQsgb7RXghdg
+t7WjgMoAwWUMmiQ5OHrdo5DY5OSBCjaci9JOe+ntX2A8RadoQZ/9GzEqsIssD+i
X9pQsdjcvboWPUHJ54+Oo2H0DVx/TBa4UqyufwE4N6t9O+84O6zTLw/TSf5/MaYa
8IkxIF2HFxTWg2nsCE90s6Of4UdlJD+34Qpl9UvfwzHaA+CwR2g8lvzJkuPVEMi0
6K77NhnC6alGtC/biv8IlaDWIb4v/6ePtcwUN/Hdr1G1O8b02Yb2c/dUUw4dAuI=
=x8DK
-----END PGP SIGNATURE-----

--Q6DUBhV3tp5dc48UQIThLruBEH1d8M6qE--

--===============2139069202913760781==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============2139069202913760781==--