MozillaFirefoxMozillaFirefox: Security update to version 2.0.0.15MozillaFirefox: Security Update auf Version 2.0.0.15Mozilla Firefox was updated to version 2.0.0.15, fixing
various bugs including following security bugs:
CVE-2008-2798 CVE-2008-2799 MFSA-2008-21: Mozilla
developers identified and fixed several stability bugs in
the browser engine used in Firefox and other Mozilla-based
products. Some of these crashes showed evidence of memory
corruption under certain circumstances and we presume that
with enough effort at least some of these could be
exploited to run arbitrary code.
CVE-2008-2800 MFSA-2008-22: Mozilla contributor
moz_bug_r_a4 submitted a set of vulnerabilities which allow
scripts from one document to be executed in the context of
a different document. These vulnerabilities could be used
by an attacker to violate the same-origin policy and
perform an XSS attack.
CVE-2008-2801 MFSA-2008-23: Security researcher Collin
Jackson reported a series of vulnerabilities which allow
JavaScript to be injected into signed JARs and executed
under the context of the JAR's signer. This could allow an
attacker to run JavaScript in a victim's browser with the
privileges of a different website, provided the attacker
possesses a JAR signed by the other website.
CVE-2008-2802 MFSA-2008-24: Mozilla contributor
moz_bug_r_a4 reported a vulnerability that allowed
non-priviliged XUL documents to load chrome scripts from
the fastload file. This could allow an attacker to run
arbitrary JavaScript code with chrome privileges.
CVE-2008-2803 MFSA-2008-25: Mozilla contributor
moz_bug_r_a4 reported a vulnerability which allows
arbitrary JavaScript to be executed with chrome privileges.
The privilege escalation was possible because JavaScript
loaded via mozIJSSubScriptLoader.loadSubScript() was not
using XPCNativeWrappers when accessing content. This could
allow an attacker to overwrite trusted objects with
arbitrary code which would be executed with chrome
privileges when the trusted objects were called by the
browser.
CVE-2008-2805 MFSA-2008-27: Opera developer Claudio
Santambrogio reported a vulnerability which allows
malicious content to force the browser into uploading local
files to the remote server. This could be used by an
attacker to steal arbitrary files from a victim's
computer.
CVE-2008-2806 MFSA-2008-28: Security researcher Gregory
Fleischer reported a vulnerability in the way Mozilla
indicates the origin of a document to the Java plugin. This
vulnerability could allow a malicious Java applet to bypass
the same-origin policy and create arbitrary socket
connections to other domains.
CVE-2008-2807 MFSA-2008-29: Mozilla developer Daniel
Glazman demonstrated that an improperly encoded .properties
file in an add-on can result in uninitialized memory being
used. This could potentially result in small chunks of data
from other programs being exposed in the browser.
CVE-2008-2808 MFSA-2008-30: Mozilla contributor Masahiro
Yamada reported that file URLs in directory listings were
not being HTML escaped properly when the filenames
contained particular characters. This resulted in files
from directory listings being opened in unintended ways or
files not being able to be opened by the browser
altogether.
CVE-2008-2809 MFSA-2008-31: Mozilla developer John G. Myers
reported a weakness in the trust model used by Mozilla
regarding alternate names on self-signed certificates. A
user could be prompted to accept a self-signed certificate
from a website which includes alt-name entries. If the
user accepted the certificate, they would also extend trust
to any alternate domains listed in the certificate, despite
not being prompted about the additional domains. This
technique could be used by an attacker to impersonate
another server.
CVE-2008-2810 MFSA-2008-32: Mozilla community member Geoff
reported a vulnerability in the way Mozilla opens URL files
sent directly to the browser. He demonstrated that such
files were opened with local file privileges, giving the
remote content access to read from the local
filesystem. If a user opened a bookmark to a malicious page
in this manner, the page could potentially read from other
local files on the user's computer.
CVE-2008-2811 MFSA 2008-33: Security research firm Astabis,
via the iSIGHT Partners GVP Program, reported a
vulnerability in Mozilla's block reflow code. This
vulnerablitity could be used by an attacker to crash the
browser and run arbitrary code on the victim's computer.
Mozilla Firefox wurde auf Version 2.0.0.15 gebracht, die
verschiedene Fehler inklusive folgender Sicherheitsfehler
behebt:
CVE-2008-2798 CVE-2008-2799 MFSA-2008-21: Mozilla
developers identified and fixed several stability bugs in
the browser engine used in Firefox and other Mozilla-based
products. Some of these crashes showed evidence of memory
corruption under certain circumstances and we presume that
with enough effort at least some of these could be
exploited to run arbitrary code.
CVE-2008-2800 MFSA-2008-22: Mozilla contributor
moz_bug_r_a4 submitted a set of vulnerabilities which allow
scripts from one document to be executed in the context of
a different document. These vulnerabilities could be used
by an attacker to violate the same-origin policy and
perform an XSS attack.
CVE-2008-2801 MFSA-2008-23: Security researcher Collin
Jackson reported a series of vulnerabilities which allow
JavaScript to be injected into signed JARs and executed
under the context of the JAR's signer. This could allow an
attacker to run JavaScript in a victim's browser with the
privileges of a different website, provided the attacker
possesses a JAR signed by the other website.
CVE-2008-2802 MFSA-2008-24: Mozilla contributor
moz_bug_r_a4 reported a vulnerability that allowed
non-priviliged XUL documents to load chrome scripts from
the fastload file. This could allow an attacker to run
arbitrary JavaScript code with chrome privileges.
CVE-2008-2803 MFSA-2008-25: Mozilla contributor
moz_bug_r_a4 reported a vulnerability which allows
arbitrary JavaScript to be executed with chrome privileges.
The privilege escalation was possible because JavaScript
loaded via mozIJSSubScriptLoader.loadSubScript() was not
using XPCNativeWrappers when accessing content. This could
allow an attacker to overwrite trusted objects with
arbitrary code which would be executed with chrome
privileges when the trusted objects were called by the
browser.
CVE-2008-2805 MFSA-2008-27: Opera developer Claudio
Santambrogio reported a vulnerability which allows
malicious content to force the browser into uploading local
files to the remote server. This could be used by an
attacker to steal arbitrary files from a victim's
computer.
CVE-2008-2806 MFSA-2008-28: Security researcher Gregory
Fleischer reported a vulnerability in the way Mozilla
indicates the origin of a document to the Java plugin. This
vulnerability could allow a malicious Java applet to bypass
the same-origin policy and create arbitrary socket
connections to other domains.
CVE-2008-2807 MFSA-2008-29: Mozilla developer Daniel
Glazman demonstrated that an improperly encoded .properties
file in an add-on can result in uninitialized memory being
used. This could potentially result in small chunks of data
from other programs being exposed in the browser.
CVE-2008-2808 MFSA-2008-30: Mozilla contributor Masahiro
Yamada reported that file URLs in directory listings were
not being HTML escaped properly when the filenames
contained particular characters. This resulted in files
from directory listings being opened in unintended ways or
files not being able to be opened by the browser
altogether.
CVE-2008-2809 MFSA-2008-31: Mozilla developer John G. Myers
reported a weakness in the trust model used by Mozilla
regarding alternate names on self-signed certificates. A
user could be prompted to accept a self-signed certificate
from a website which includes alt-name entries. If the
user accepted the certificate, they would also extend trust
to any alternate domains listed in the certificate, despite
not being prompted about the additional domains. This
technique could be used by an attacker to impersonate
another server.
CVE-2008-2810 MFSA-2008-32: Mozilla community member Geoff
reported a vulnerability in the way Mozilla opens URL files
sent directly to the browser. He demonstrated that such
files were opened with local file privileges, giving the
remote content access to read from the local
filesystem. If a user opened a bookmark to a malicious page
in this manner, the page could potentially read from other
local files on the user's computer.
CVE-2008-2811 MFSA 2008-33: Security research firm Astabis,
via the iSIGHT Partners GVP Program, reported a
vulnerability in Mozilla's block reflow code. This
vulnerablitity could be used by an attacker to crash the
browser and run arbitrary code on the victim's computer.
securityMozillaFirefoxi586b95d398802d3e1d0b153141dc02ac56af627d393494feab2d10b7f73c8aa6061f6df0a585a0233505b7b33897e855076cdf82a12294c63974b449a90MozillaFirefoxppc6c1dff4f6c7e3d1bc079b69090bdc11d86e359fb4621671a1af26dae515ef9dba3d50b92eef8e2527ff34b12d29949d42519901beca445acee72e975014fde40a9e54e3f086f7a554acfd4e9dff72becMozillaFirefoxx86_64a5ad49c9d9f7efc7a955c588dfe020711800ff91d4361dd6b2f9a78fe1bc6e651359c073ace27aff662843dfad01a91dd3e309ded8c24d68427cbeffMozillaFirefox-translationsi5864f60cfef6d0a6eba1941b9d7468c643149170ada681dec5408cfbf16bd9d754c8203d4c781378303302469002727dff1b45a1c90ab019052cc23f2ba890bd02dcc42e0c60a4225b7a85b5a1d4b3380b8MozillaFirefox-translationsppc4855e7e5ed9f65bb07f173738edc18ff3eb87ab557cc456f2fa8ebcd9dd8671f6f165c2a481999aaf44d8048bedf888d6d326ce07a2a2a56638a194ed26111c0822f813fe16c4c2663e1d1fe71a4568dMozillaFirefox-translationsx86_6482216b3bc448e3823274555ff91de697f24177e63f3bf8c9688c954a493a8593851aa84f9b82e7e662ea27f3942518ec70d64c3959fbff2bca878508