Rapid7 Vulnerability & Exploit Database

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.14 and 3.5.3

Back to Search

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.14 and 3.5.3

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
09/09/2009
Created
07/25/2018
Added
09/23/2009
Modified
02/13/2015

Description

Mozilla Firefox versions before 3.0.14 and 3.5.3 are affected by multiple vulnerabilities:

  • Crashes with evidence of memory corruption (MFSA 2009-47). Several stability bugs in the browser engine used in Firefox and other Mozilla-based products have been identified and fixed. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
  • Insufficient warning for PKCS11 module installation and removal (MFSA 2009-48). When security modules were added or removed via pkcs11.addmodule or pkcs11.deletemodule, the resulting dialog was not sufficiently informative. Without sufficient warning, an attacker could entice a victim to install a malicious PKCS11 module and affect the cryptographic integrity of the victim's browser.
  • TreeColumns dangling pointer vulnerability (MFSA 2009-49). The columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. An attacker could potentially use this vulnerability to crash a victim's browser and run arbitrary code on the victim's computer.
  • Location bar spoofing via tall line-height Unicode characters (MFSA 2009-50). The default Windows font used to render the locationbar and other text fields was improperly displaying certain Unicode characters with tall line-height. In such cases the tall line-height would cause the rest of the text in the input field to be scrolled vertically out of view. An attacker could use this vulnerability to prevent a user from seeing the URL of a malicious site.
  • Chrome privilege escalation with FeedWriter (MFSA 2009-51). The BrowserFeedWriter could be leveraged to run JavaScript code from web content with elevated privileges. Using this vulnerability, an attacker could construct an object containing malicious JavaScript and cause the FeedWriter to process the object, running the malicious code with chrome privileges.

Solution(s)

  • mozilla-firefox-upgrade-3_0_14
  • mozilla-firefox-upgrade-3_5_3

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;