1. Home
  2. Security Advisories
  3. Red Hat
  4. RHSA-2011:0471

[RHSA-2011:0471] firefox security update

Severity Critical
Affected Packages 18
CVEs 15
Info Packages References Vulnerabilities

Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could possibly lead to arbitrary code
execution with the privileges of the user running Firefox. (CVE-2011-0080,
CVE-2011-0081)

An arbitrary memory write flaw was found in the way Firefox handled
out-of-memory conditions. If all memory was consumed when a user visited a
malicious web page, it could possibly lead to arbitrary code execution
with the privileges of the user running Firefox. (CVE-2011-0078)

An integer overflow flaw was found in the way Firefox handled the HTML
frameset tag. A web page with a frameset tag containing large values for
the "rows" and "cols" attributes could trigger this flaw, possibly leading
to arbitrary code execution with the privileges of the user running
Firefox. (CVE-2011-0077)

A flaw was found in the way Firefox handled the HTML iframe tag. A web page
with an iframe tag containing a specially-crafted source address could
trigger this flaw, possibly leading to arbitrary code execution with the
privileges of the user running Firefox. (CVE-2011-0075)

A flaw was found in the way Firefox displayed multiple marquee elements. A
malformed HTML document could cause Firefox to execute arbitrary code with
the privileges of the user running Firefox. (CVE-2011-0074)

A flaw was found in the way Firefox handled the nsTreeSelection element.
Malformed content could cause Firefox to execute arbitrary code with the
privileges of the user running Firefox. (CVE-2011-0073)

A use-after-free flaw was found in the way Firefox appended frame and
iframe elements to a DOM tree when the NoScript add-on was enabled.
Malicious HTML content could cause Firefox to execute arbitrary code with
the privileges of the user running Firefox. (CVE-2011-0072)

A directory traversal flaw was found in the Firefox resource:// protocol
handler. Malicious content could cause Firefox to access arbitrary files
accessible to the user running Firefox. (CVE-2011-0071)

A double free flaw was found in the way Firefox handled
"application/http-index-format" documents. A malformed HTTP response could
cause Firefox to execute arbitrary code with the privileges of the user
running Firefox. (CVE-2011-0070)

A flaw was found in the way Firefox handled certain JavaScript cross-domain
requests. If malicious content generated a large number of cross-domain
JavaScript requests, it could cause Firefox to execute arbitrary code with
the privileges of the user running Firefox. (CVE-2011-0069)

A flaw was found in the way Firefox displayed the autocomplete pop-up.
Malicious content could use this flaw to steal form history information.
(CVE-2011-0067)

Two use-after-free flaws were found in the Firefox mObserverList and
mChannel objects. Malicious content could use these flaws to execute
arbitrary code with the privileges of the user running Firefox.
(CVE-2011-0066, CVE-2011-0065)

A flaw was found in the Firefox XSLT generate-id() function. This function
returned the memory address of an object in memory, which could possibly be
used by attackers to bypass address randomization protections.
(CVE-2011-1202)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.6.17. You can find a link to the Mozilla
advisories in the References section of this erratum.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 3.6.17, which corrects these issues. After installing the
update, Firefox must be restarted for the changes to take effect.

Package Affected Version
pkg:rpm/redhat/xulrunner?arch=x86_64&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner?arch=s390x&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner?arch=s390&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner?arch=ppc64&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner?arch=ppc&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner?arch=i686&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=x86_64&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=s390x&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=s390&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=ppc64&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=ppc&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/xulrunner-devel?arch=i686&distro=redhat-6.0 < 1.9.2.17-4.el6_0
pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.0 < 3.6.17-1.el6_0
pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.0 < 3.6.17-1.el6_0
pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.0 < 3.6.17-1.el6_0
pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.0 < 3.6.17-1.el6_0
pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.0 < 3.6.17-1.el6_0
pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.0 < 3.6.17-1.el6_0
ID
RHSA-2011:0471
Severity
critical
URL
https://access.redhat.com/errata/RHSA-2011:0471
Published
2011-04-29T00:00:00
(13 years ago)
Modified
2011-04-29T00:00:00
(13 years ago)
Rights
Copyright 2011 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 684386 https://bugzilla.redhat.com/684386
Bugzilla 700603 https://bugzilla.redhat.com/700603
Bugzilla 700613 https://bugzilla.redhat.com/700613
Bugzilla 700615 https://bugzilla.redhat.com/700615
Bugzilla 700617 https://bugzilla.redhat.com/700617
Bugzilla 700619 https://bugzilla.redhat.com/700619
Bugzilla 700622 https://bugzilla.redhat.com/700622
Bugzilla 700635 https://bugzilla.redhat.com/700635
Bugzilla 700640 https://bugzilla.redhat.com/700640
Bugzilla 700642 https://bugzilla.redhat.com/700642
Bugzilla 700644 https://bugzilla.redhat.com/700644
Bugzilla 700657 https://bugzilla.redhat.com/700657
Bugzilla 700658 https://bugzilla.redhat.com/700658
Bugzilla 700676 https://bugzilla.redhat.com/700676
Bugzilla 700677 https://bugzilla.redhat.com/700677
RHSA RHSA-2011:0471 https://access.redhat.com/errata/RHSA-2011:0471
CVE CVE-2011-0065 https://access.redhat.com/security/cve/CVE-2011-0065
CVE CVE-2011-0066 https://access.redhat.com/security/cve/CVE-2011-0066
CVE CVE-2011-0067 https://access.redhat.com/security/cve/CVE-2011-0067
CVE CVE-2011-0069 https://access.redhat.com/security/cve/CVE-2011-0069
CVE CVE-2011-0070 https://access.redhat.com/security/cve/CVE-2011-0070
CVE CVE-2011-0071 https://access.redhat.com/security/cve/CVE-2011-0071
CVE CVE-2011-0072 https://access.redhat.com/security/cve/CVE-2011-0072
CVE CVE-2011-0073 https://access.redhat.com/security/cve/CVE-2011-0073
CVE CVE-2011-0074 https://access.redhat.com/security/cve/CVE-2011-0074
CVE CVE-2011-0075 https://access.redhat.com/security/cve/CVE-2011-0075
CVE CVE-2011-0077 https://access.redhat.com/security/cve/CVE-2011-0077
CVE CVE-2011-0078 https://access.redhat.com/security/cve/CVE-2011-0078
CVE CVE-2011-0080 https://access.redhat.com/security/cve/CVE-2011-0080
CVE CVE-2011-0081 https://access.redhat.com/security/cve/CVE-2011-0081
CVE CVE-2011-1202 https://access.redhat.com/security/cve/CVE-2011-1202
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/redhat/xulrunner?arch=x86_64&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 x86_64
Affected pkg:rpm/redhat/xulrunner?arch=s390x&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 s390x
Affected pkg:rpm/redhat/xulrunner?arch=s390&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 s390
Affected pkg:rpm/redhat/xulrunner?arch=ppc64&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 ppc64
Affected pkg:rpm/redhat/xulrunner?arch=ppc&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 ppc
Affected pkg:rpm/redhat/xulrunner?arch=i686&distro=redhat-6.0 redhat xulrunner < 1.9.2.17-4.el6_0 redhat-6.0 i686
Affected pkg:rpm/redhat/xulrunner-devel?arch=x86_64&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 x86_64
Affected pkg:rpm/redhat/xulrunner-devel?arch=s390x&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 s390x
Affected pkg:rpm/redhat/xulrunner-devel?arch=s390&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 s390
Affected pkg:rpm/redhat/xulrunner-devel?arch=ppc64&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 ppc64
Affected pkg:rpm/redhat/xulrunner-devel?arch=ppc&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 ppc
Affected pkg:rpm/redhat/xulrunner-devel?arch=i686&distro=redhat-6.0 redhat xulrunner-devel < 1.9.2.17-4.el6_0 redhat-6.0 i686
Affected pkg:rpm/redhat/firefox?arch=x86_64&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 x86_64
Affected pkg:rpm/redhat/firefox?arch=s390x&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 s390x
Affected pkg:rpm/redhat/firefox?arch=s390&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 s390
Affected pkg:rpm/redhat/firefox?arch=ppc64&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 ppc64
Affected pkg:rpm/redhat/firefox?arch=ppc&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 ppc
Affected pkg:rpm/redhat/firefox?arch=i686&distro=redhat-6.0 redhat firefox < 3.6.17-1.el6_0 redhat-6.0 i686
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date