Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 312361 (CVE-2010-0174) - <www-client/mozilla-firefox-3.5.9: Multiple vulnerabilities (CVE-2010-{0174,0175,0176,0177,0178,0181,3555})
Summary: <www-client/mozilla-firefox-3.5.9: Multiple vulnerabilities (CVE-2010-{0174,0...
Status: RESOLVED FIXED
Alias: CVE-2010-0174
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.mozilla.org/security/known...
Whiteboard: A2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-31 11:20 UTC by Hanno Böck
Modified: 2013-01-08 01:03 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2010-03-31 11:20:21 UTC
mozilla-team, please either provide an updated 3.5.9 ebuild or give an ok for stabilizing 3.6.2.
Comment 1 Steffen Schaumburg 2010-03-31 18:52:02 UTC
I just renamed the 3.5.8.ebuild to 3.5.9 and much to my surprise it worked, I thought xulrunner and FF always update at the same time. Or am I still, at core, running 3.5.8?

I'm running amd64 with several hundred ~amd64 packages (don't ask lol), here's the USE-flags I think the full emerge --info would be a waste of space.

[ebuild   R   ] www-client/mozilla-firefox-3.5.9  USE="alsa dbus java sqlite startup-notification -bindist -custom-optimization -gnome -iceweasel -mozdevelop" LINGUAS="de en en_GB en_US -af -ar -as -be -bg -bn -bn_BD -bn_IN -ca -cs -cy -da -el -eo -es -es_AR -es_CL -es_ES -es_MX -et -eu -fa -fi -fr -fy -fy_NL -ga -ga_IE -gl -gu -gu_IN -he -hi -hi_IN -hr -hu -id -is -it -ja -ka -kk -kn -ko -ku -lt -lv -mk -ml -mn -mr -nb -nb_NO -nl -nn -nn_NO -oc -or -pa -pa_IN -pl -pt -pt_BR -pt_PT -rm -ro -ru -si -sk -sl -sq -sr -sv -sv_SE -ta -ta_LK -te -th -tr -uk -vi -zh_CN -zh_TW" 0 kB [1]
Comment 2 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:36:41 UTC
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2012-07-21 14:39:24 UTC
CVE-2010-0181 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0181):
  Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before
  2.0.4, executes a mail application in situations where an IMG element has a
  SRC attribute that is a redirect to a mailto: URL, which allows remote
  attackers to cause a denial of service (excessive application launches) via
  an HTML document with many images.

CVE-2010-0178 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0178):
  Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2,
  and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse
  clicks as drag-and-drop actions, which allows remote attackers to execute
  arbitrary JavaScript with Chrome privileges by loading a chrome: URL and
  then loading a javascript: URL.

CVE-2010-0177 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0177):
  Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2,
  and SeaMonkey before 2.0.4, frees the contents of the
  window.navigator.plugins array while a reference to an array element is
  still active, which allows remote attackers to execute arbitrary code or
  cause a denial of service (application crash) via unspecified vectors,
  related to a "dangling pointer vulnerability."

CVE-2010-0176 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0176):
  Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2;
  Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage
  reference counts for option elements in a XUL tree optgroup, which might
  allow remote attackers to execute arbitrary code via unspecified vectors
  that trigger access to deleted elements, related to a "dangling pointer
  vulnerability."

CVE-2010-0175 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0175):
  Use-after-free vulnerability in the nsTreeSelection implementation in
  Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before
  3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute
  arbitrary code or cause a denial of service (application crash) via
  unspecified vectors that trigger a call to the handler for the select event
  for XUL tree items.

CVE-2010-0174 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0174):
  Multiple unspecified vulnerabilities in the browser engine in Mozilla
  Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2;
  Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers
  to cause a denial of service (memory corruption and application crash) or
  possibly execute arbitrary code via unknown vectors.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:03:46 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).