Summary: | <www-client/firefox{,-bin}-17.0.6 - <mail-client/thunderbird{,-bin}-17.0.6: Multiple vulnerabilities (CVE-2013-{0801,1669,1670,1671,1674,1675,1676,1677,1678,1679,1680,1681}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | mozilla |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A2 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 464226, 474758 |
Description
Agostino Sarubbo
2013-05-14 19:35:42 UTC
Note MFSA 2013-{43,45} are specific to >www-client/firefox-17.x and are fixed in >=www-client/firefox-21 . ESR version bumps are in the tree. CCing arches, please stabilize as below: =www-client/firefox-17.0.6: Target KEYWORDS="alpha amd64 arm ia64 ppc ppc64 x86" =www-client/firefox-bin-17.0.6: Target KEYWORDS="amd64 x86" =mail-client/thunderbird-17.0.6: Target KEYWORDS="alpha amd64 arm ppc ppc64 x86" =mail-client/thunderbird-bin-17.0.6: Target KEYWORDS="amd64 x86" (note: alpha and ia64 stabilization is a continuation of bug 464226) amd64 stable x86 stable ppc stable arm stable ppc64 stable alpha and ia64 stabilization will continue in bug 474758 MFSA 2013-42 and -45 (and their respective CVEs) do not affect us. CVE-2013-1681 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1681): Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. CVE-2013-1680 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1680): Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. CVE-2013-1679 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1679): Use-after-free vulnerability in the mozilla::plugins::child::_geturlnotify function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. CVE-2013-1678 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1678): The _cairo_xlib_surface_add_glyph function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (invalid write operation) via unspecified vectors. CVE-2013-1677 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1677): The gfxSkipCharsIterator::SetOffsets function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2013-1676 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1676): The SelectionIterator::GetNextSegment function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. CVE-2013-1675 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1675): Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sensitive information from process memory via a crafted web site. CVE-2013-1674 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1674): Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video. CVE-2013-1671 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1671): Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site. CVE-2013-1670 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1670): The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent acquisition of chrome privileges during calls to content level constructors, which allows remote attackers to bypass certain read-only restrictions and conduct cross-site scripting (XSS) attacks via a crafted web site. CVE-2013-1669 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1669): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. CVE-2013-0801 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0801): Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. This issue was resolved and addressed in GLSA 201309-23 at http://security.gentoo.org/glsa/glsa-201309-23.xml by GLSA coordinator Chris Reffett (creffett). |