[USN-930-1] Firefox and Xulrunner vulnerabilities
Firefox could be made to run programs as your login if it opened a specially crafted file or website.
If was discovered that Firefox could be made to access freed memory. If a
user were tricked into viewing a malicious site, a remote attacker could
cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. This issue only affected
Ubuntu 8.04 LTS. (CVE-2010-1121)
Several flaws were discovered in the browser engine of Firefox. If a
user were tricked into viewing a malicious site, a remote attacker could
cause a denial of service or possibly execute arbitrary code with the
privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201,
CVE-2010-1202, CVE-2010-1203)
A flaw was discovered in the way plugin instances interacted. An attacker
could potentially exploit this and use one plugin to access freed memory from a
second plugin to execute arbitrary code with the privileges of the user
invoking the program. (CVE-2010-1198)
An integer overflow was discovered in Firefox. If a user were tricked into
viewing a malicious site, an attacker could overflow a buffer and cause a
denial of service or possibly execute arbitrary code with the privileges of
the user invoking the program. (CVE-2010-1196)
Martin Barbella discovered an integer overflow in an XSLT node sorting
routine. An attacker could exploit this to overflow a buffer and cause a
denial of service or possibly execute arbitrary code with the privileges of
the user invoking the program. (CVE-2010-1199)
Michal Zalewski discovered that the focus behavior of Firefox could be
subverted. If a user were tricked into viewing a malicious site, a remote
attacker could use this to capture keystrokes. (CVE-2010-1125)
Ilja van Sprundel discovered that the 'Content-Disposition: attachment'
HTTP header was ignored when 'Content-Type: multipart' was also present.
Under certain circumstances, this could potentially lead to cross-site
scripting attacks. (CVE-2010-1197)
Amit Klein discovered that Firefox did not seed its random number generator
often enough. An attacker could exploit this to identify and track users
across different web sites. (CVE-2008-5913)
- ID
- USN-930-1
- Severity
- high
- Severity from
- CVE-2010-1121
- URL
- https://ubuntu.com/security/notices/USN-930-1
- Published
-
2010-06-29T20:41:25
(14 years ago) - Modified
-
2010-06-29T20:41:25
(14 years ago) - Other Advisories
ELSA-2010-0501
FEDORA-2010-10329
FREEBSD:99858B7C-7ECE-11DF-A007-000F20797EDE
GLSA-201301-01| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |