Rapid7 Vulnerability & Exploit Database

RHSA-2011:0471: firefox security update

Back to Search

RHSA-2011:0471: firefox security update

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
05/07/2011
Created
07/25/2018
Added
05/12/2011
Modified
07/04/2017

Description

Mozilla Firefox is an open source web browser. XULRunner provides the XULRuntime environment for Mozilla Firefox.Several flaws were found in the processing of malformed web content. A webpage containing malicious content could possibly lead to arbitrary codeexecution with the privileges of the user running Firefox. (CVE-2011-0080,CVE-2011-0081)An arbitrary memory write flaw was found in the way Firefox handledout-of-memory conditions. If all memory was consumed when a user visited amalicious web page, it could possibly lead to arbitrary code executionwith the privileges of the user running Firefox. (CVE-2011-0078)An integer overflow flaw was found in the way Firefox handled the HTMLframeset tag. A web page with a frameset tag containing large values forthe "rows" and "cols" attributes could trigger this flaw, possibly leadingto arbitrary code execution with the privileges of the user runningFirefox. (CVE-2011-0077)A flaw was found in the way Firefox handled the HTML iframe tag. A web pagewith an iframe tag containing a specially-crafted source address couldtrigger this flaw, possibly leading to arbitrary code execution with theprivileges of the user running Firefox. (CVE-2011-0075)A flaw was found in the way Firefox displayed multiple marquee elements. Amalformed HTML document could cause Firefox to execute arbitrary code withthe privileges of the user running Firefox. (CVE-2011-0074)A flaw was found in the way Firefox handled the nsTreeSelection element.Malformed content could cause Firefox to execute arbitrary code with theprivileges of the user running Firefox. (CVE-2011-0073)A use-after-free flaw was found in the way Firefox appended frame andiframe elements to a DOM tree when the NoScript add-on was enabled.Malicious HTML content could cause Firefox to execute arbitrary code withthe privileges of the user running Firefox. (CVE-2011-0072)A directory traversal flaw was found in the Firefox resource:// protocolhandler. Malicious content could cause Firefox to access arbitrary filesaccessible to the user running Firefox. (CVE-2011-0071)A double free flaw was found in the way Firefox handled"application/http-index-format" documents. A malformed HTTP response couldcause Firefox to execute arbitrary code with the privileges of the userrunning Firefox. (CVE-2011-0070)A flaw was found in the way Firefox handled certain JavaScript cross-domainrequests. If malicious content generated a large number of cross-domainJavaScript requests, it could cause Firefox to execute arbitrary code withthe privileges of the user running Firefox. (CVE-2011-0069)A flaw was found in the way Firefox displayed the autocomplete pop-up.Malicious content could use this flaw to steal form history information.(CVE-2011-0067)Two use-after-free flaws were found in the Firefox mObserverList andmChannel objects. Malicious content could use these flaws to executearbitrary code with the privileges of the user running Firefox.(CVE-2011-0066, CVE-2011-0065)A flaw was found in the Firefox XSLT generate-id() function. This functionreturned the memory address of an object in memory, which could possibly beused by attackers to bypass address randomization protections.(CVE-2011-1202)For technical details regarding these flaws, refer to the Mozilla securityadvisories for Firefox 3.6.17. You can find a link to the Mozillaadvisories in the References section of this erratum.All Firefox users should upgrade to these updated packages, which containFirefox version 3.6.17, which corrects these issues. After installing theupdate, Firefox must be restarted for the changes to take effect.

Solution(s)

  • redhat-upgrade-firefox
  • redhat-upgrade-firefox-debuginfo
  • redhat-upgrade-xulrunner
  • redhat-upgrade-xulrunner-debuginfo
  • redhat-upgrade-xulrunner-devel

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;