Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Mozilla SeaMonkey
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Mozilla SeaMonkey
ID: openSUSE-SU-2015:1681-1
Distribution: SUSE
Plattformen: openSUSE 13.1, openSUSE 13.2
Datum: Mo, 5. Oktober 2015, 18:44
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4512
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7180
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4511
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4507
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7176
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4520
Applikationen: Mozilla SeaMonkey

Originalnachricht

 
   openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2015:1681-1
Rating:             important
References:         #935979 #947003 
Cross-References:   CVE-2015-4500 CVE-2015-4501 CVE-2015-4502
                    CVE-2015-4503 CVE-2015-4504 CVE-2015-4505
                    CVE-2015-4506 CVE-2015-4507 CVE-2015-4509
                    CVE-2015-4510 CVE-2015-4511 CVE-2015-4512
                    CVE-2015-4516 CVE-2015-4517 CVE-2015-4519
                    CVE-2015-4520 CVE-2015-4521 CVE-2015-4522
                    CVE-2015-7174 CVE-2015-7175 CVE-2015-7176
                    CVE-2015-7177 CVE-2015-7178 CVE-2015-7179
                    CVE-2015-7180
Affected Products:
                    openSUSE 13.2
                    openSUSE 13.1
______________________________________________________________________________

   An update that fixes 25 vulnerabilities is now available.

Description:

   seamonkey was updated to fix 25 security issues.

   These security issues were fixed:
   - CVE-2015-4520: Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed remote attackers to bypass CORS preflight protection
     mechanisms by leveraging (1) duplicate cache-key generation or (2)
     retrieval of a value from an incorrect HTTP Access-Control-* response
     header (bsc#947003).
   - CVE-2015-4521: The ConvertDialogOptions function in Mozilla Firefox
     before 41.0 and Firefox ESR 38.x before 38.3 might allowed remote
     attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors (bsc#947003).
   - CVE-2015-4522: The nsUnicodeToUTF8::GetMaxLength function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-4502: js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0
     mishandled certain receiver arguments, which allowed remote attackers to
     bypass intended window access restrictions via a crafted web site
     (bsc#947003).
   - CVE-2015-4503: The TCP Socket API implementation in Mozilla Firefox
     before 41.0 mishandled array boundaries that were established with a
     navigator.mozTCPSocket.open method call and send method calls, which
     allowed remote TCP servers to obtain sensitive information from process
     memory by reading packet data, as demonstrated by availability of this
     API in a Firefox OS application (bsc#947003).
   - CVE-2015-4500: Multiple unspecified vulnerabilities in the browser
     engine in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3
     allowed remote attackers to cause a denial of service (memory corruption
     and application crash) or possibly execute arbitrary code via unknown
     vectors (bsc#947003).
   - CVE-2015-4501: Multiple unspecified vulnerabilities in the browser
     engine in Mozilla Firefox before 41.0 allowed remote attackers to cause
     a denial of service (memory corruption and application crash) or
     possibly execute arbitrary code via unknown vectors (bsc#947003).
   - CVE-2015-4506: Buffer overflow in the vp9_init_context_buffers function
     in libvpx, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x
     before 38.3, allowed remote attackers to execute arbitrary code via a
     crafted VP9 file (bsc#947003).
   - CVE-2015-4507: The SavedStacks class in the JavaScript implementation in
     Mozilla Firefox before 41.0, when the Debugger API is enabled, allowed
     remote attackers to cause a denial of service (getSlotRef assertion
     failure and application exit) or possibly execute arbitrary code via a
     crafted web site (bsc#947003).
   - CVE-2015-4504: The lut_inverse_interp16 function in the QCMS library in
     Mozilla Firefox before 41.0 allowed remote attackers to obtain sensitive
     information or cause a denial of service (buffer over-read and
     application crash) via crafted attributes in the ICC 4 profile of an
     image (bsc#947003).
   - CVE-2015-4505: updater.exe in Mozilla Firefox before 41.0 and Firefox
     ESR 38.x before 38.3 on Windows allowed local users to write to
     arbitrary files by conducting a junction attack and waiting for an
     update operation by the Mozilla Maintenance Service (bsc#947003).
   - CVE-2015-7180: The ReadbackResultWriterD3D11::Run function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the
     return value of a function call, which might allowed remote attackers to
     cause a denial of service (memory corruption and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-4509: Use-after-free vulnerability in the HTMLVideoElement
     interface in Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed remote attackers to execute arbitrary code via crafted
     JavaScript code that modifies the URI table of a media element, aka
     ZDI-CAN-3176 (bsc#947003).
   - CVE-2015-7178: The ProgramBinary::linkAttributes function in libGLES in
     ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR 38.x
     before 38.3 on Windows, mishandles shader access, which allowed remote
     attackers to execute arbitrary code or cause a denial of service (memory
     corruption and application crash) via crafted (1) OpenGL or (2) WebGL
     content (bsc#947003).
   - CVE-2015-7179: The VertexBufferInterface::reserveVertexSpace function in
     libGLES in ANGLE, as used in Mozilla Firefox before 41.0 and Firefox ESR
     38.x before 38.3 on Windows, incorrectly allocates memory for shader
     attribute arrays, which allowed remote attackers to execute arbitrary
     code or cause a denial of service (buffer overflow and application
     crash) via crafted (1) OpenGL or (2) WebGL content (bsc#947003).
   - CVE-2015-7176: The AnimationThread function in Mozilla Firefox before
     41.0 and Firefox ESR 38.x before 38.3 used an incorrect argument to the
     sscanf function, which might allowed remote attackers to cause a denial
     of service (stack-based buffer overflow and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-7177: The InitTextures function in Mozilla Firefox before 41.0
     and Firefox ESR 38.x before 38.3 might allowed remote attackers to cause
     a denial of service (memory corruption and application crash) or
     possibly have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-7174: The nsAttrAndChildArray::GrowBy function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-7175: The XULContentSinkImpl::AddText function in Mozilla
     Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allowed
     remote attackers to cause a denial of service (memory corruption and
     application crash) or possibly have unspecified other impact via unknown
     vectors, related to an "overflow (bsc#947003).
   - CVE-2015-4511: Heap-based buffer overflow in the
     nestegg_track_codec_data function in Mozilla Firefox before 41.0 and
     Firefox ESR 38.x before 38.3 allowed remote attackers to execute
     arbitrary code via a crafted header in a WebM video (bsc#947003).
   - CVE-2015-4510: Race condition in the WorkerPrivate::NotifyFeatures
     function in Mozilla Firefox before 41.0 allowed remote attackers to
     execute arbitrary code or cause a denial of service (use-after-free and
     application crash) by leveraging improper interaction between shared
     workers and the IndexedDB implementation (bsc#947003).
   - CVE-2015-4512: gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before
     41.0 on Linux improperly attempts to use the Cairo library with 32-bit
     color-depth surface creation followed by 16-bit color-depth surface
     display, which allowed remote attackers to obtain sensitive information
     from process memory or cause a denial of service (out-of-bounds read) by
     using a CANVAS element to trigger 2D rendering (bsc#947003).
   - CVE-2015-4517: NetworkUtils.cpp in Mozilla Firefox before 41.0 and
     Firefox ESR 38.x before 38.3 might allowed remote attackers to cause a
     denial of service (memory corruption and application crash) or possibly
     have unspecified other impact via unknown vectors (bsc#947003).
   - CVE-2015-4516: Mozilla Firefox before 41.0 allowed remote attackers to
     bypass certain ECMAScript 5 (aka ES5) API protection mechanisms and
     modify immutable properties, and consequently execute arbitrary
     JavaScript code with chrome privileges, via a crafted web page that did
     not use ES5 APIs (bsc#947003).
   - CVE-2015-4519: Mozilla Firefox before 41.0 and Firefox ESR 38.x before
     38.3 allowed user-assisted remote attackers to bypass intended access
     restrictions and discover a redirect's target URL via crafted
 JavaScript
     code that executes after a drag-and-drop action of an image into a
     TEXTBOX element (bsc#947003).


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 13.2:

      zypper in -t patch openSUSE-2015-632=1

   - openSUSE 13.1:

      zypper in -t patch openSUSE-2015-632=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 13.2 (i586 x86_64):

      seamonkey-2.38-20.2
      seamonkey-debuginfo-2.38-20.2
      seamonkey-debugsource-2.38-20.2
      seamonkey-dom-inspector-2.38-20.2
      seamonkey-irc-2.38-20.2
      seamonkey-translations-common-2.38-20.2
      seamonkey-translations-other-2.38-20.2

   - openSUSE 13.1 (i586 x86_64):

      seamonkey-2.38-56.1
      seamonkey-debuginfo-2.38-56.1
      seamonkey-debugsource-2.38-56.1
      seamonkey-dom-inspector-2.38-56.1
      seamonkey-irc-2.38-56.1
      seamonkey-translations-common-2.38-56.1
      seamonkey-translations-other-2.38-56.1


References:

   https://www.suse.com/security/cve/CVE-2015-4500.html
   https://www.suse.com/security/cve/CVE-2015-4501.html
   https://www.suse.com/security/cve/CVE-2015-4502.html
   https://www.suse.com/security/cve/CVE-2015-4503.html
   https://www.suse.com/security/cve/CVE-2015-4504.html
   https://www.suse.com/security/cve/CVE-2015-4505.html
   https://www.suse.com/security/cve/CVE-2015-4506.html
   https://www.suse.com/security/cve/CVE-2015-4507.html
   https://www.suse.com/security/cve/CVE-2015-4509.html
   https://www.suse.com/security/cve/CVE-2015-4510.html
   https://www.suse.com/security/cve/CVE-2015-4511.html
   https://www.suse.com/security/cve/CVE-2015-4512.html
   https://www.suse.com/security/cve/CVE-2015-4516.html
   https://www.suse.com/security/cve/CVE-2015-4517.html
   https://www.suse.com/security/cve/CVE-2015-4519.html
   https://www.suse.com/security/cve/CVE-2015-4520.html
   https://www.suse.com/security/cve/CVE-2015-4521.html
   https://www.suse.com/security/cve/CVE-2015-4522.html
   https://www.suse.com/security/cve/CVE-2015-7174.html
   https://www.suse.com/security/cve/CVE-2015-7175.html
   https://www.suse.com/security/cve/CVE-2015-7176.html
   https://www.suse.com/security/cve/CVE-2015-7177.html
   https://www.suse.com/security/cve/CVE-2015-7178.html
   https://www.suse.com/security/cve/CVE-2015-7179.html
   https://www.suse.com/security/cve/CVE-2015-7180.html
   https://bugzilla.suse.com/935979
   https://bugzilla.suse.com/947003

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung