Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 390771 - www-client/firefox,mail-client/thunderbird: loadSubScript unwraps XPCNativeWrapper scope parameter (CVE-2011-3647)
Summary: www-client/firefox,mail-client/thunderbird: loadSubScript unwraps XPCNativeWr...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa]
Keywords:
Depends on: 381245
Blocks:
  Show dependency tree
 
Reported: 2011-11-17 00:18 UTC by GLSAMaker/CVETool Bot
Modified: 2013-01-08 01:05 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-11-17 00:18:36 UTC
CVE-2011-3647 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3647):
  The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird
  before 3.1.6 does not properly handle XPCNativeWrappers during calls to the
  loadSubScript method in an add-on, which makes it easier for remote
  attackers to gain privileges via a crafted web site that leverages certain
  unwrapping behavior, a related issue to CVE-2011-3004.


From the upstream advisory at https://www.mozilla.org/security/announce/2011/mfsa2011-46.html:

Mozilla security researcher moz_bug_r_a4 reported that the problem described in MFSA 2011-43 and fixed in Firefox 7 also affected Firefox 3.6: a malicious page could potentially exploit a Firefox user who had installed an add-on that used loadSubscript in vulnerable ways.
Comment 1 Jory A. Pratt gentoo-dev 2011-12-12 16:24:15 UTC
Mozilla team is not needed here.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:05:05 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).