Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 280234 (CVE-2009-2654) - <www-client/mozilla-firefox{-bin}-3.5.2 address bar spoofing (CVE-2009-{2654,2665})
Summary: <www-client/mozilla-firefox{-bin}-3.5.2 address bar spoofing (CVE-2009-{2654,...
Status: RESOLVED FIXED
Alias: CVE-2009-2654
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.mozilla.org/show_bug...
Whiteboard: B4 [glsa]
Keywords:
Depends on: CVE-2009-2462
Blocks:
  Show dependency tree
 
Reported: 2009-08-03 22:36 UTC by Stefan Behte (RETIRED)
Modified: 2013-01-08 01:03 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-08-03 22:36:18 UTC
CVE-2009-2654 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2654):
  Mozilla Firefox 3.5.1 and earlier allows remote attackers to spoof
  the address bar, and possibly conduct phishing attacks, via a crafted
  web page that calls window.open with an invalid character in the URL,
  makes document.write calls to the resulting object, and then calls
  the stop method during the loading of the error page.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-08-04 10:13:33 UTC
3.5.2 available for download, my guess is that you're already working on it?
Comment 2 Jory A. Pratt gentoo-dev 2009-08-04 12:54:08 UTC
(In reply to comment #1)
> 3.5.2 available for download, my guess is that you're already working on it?
> 

I am just waiting on a proxy commit to put it in main tree, I have it done up since last night, it is currently avaliable in the mozilla overlay.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2009-08-04 19:34:19 UTC
CVE-2009-2665 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2665):
  The nsDocument::SetScriptGlobalObject function in
  content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before
  3.5.2, when certain add-ons are enabled, does not properly handle a
  Link HTTP header, which allows remote attackers to execute arbitrary
  JavaScript with chrome privileges via a crafted web page, related to
  an incorrect security wrapper.
Comment 4 Jory A. Pratt gentoo-dev 2009-08-05 20:10:05 UTC

*** This bug has been marked as a duplicate of bug 280393 ***
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2009-08-06 18:05:11 UTC
Jory, please do not close bugs assigned to security@. If you feel there is a duplicate bug, please leave a comment explaining why.

With regards to firefox: We try to keep issues in 3.5 (only) and in 3.0 (stable) in separate bugs. We may not always keep that idea up in 100% of the cases, but if we handle duplicate issues, please try to clear them up applying this rule.
Comment 6 Mounir Lamouri (volkmar) (RETIRED) gentoo-dev 2009-08-20 08:49:37 UTC
(In reply to comment #5)
> Jory, please do not close bugs assigned to security@. If you feel there is a
> duplicate bug, please leave a comment explaining why.
> 
> With regards to firefox: We try to keep issues in 3.5 (only) and in 3.0
> (stable) in separate bugs. We may not always keep that idea up in 100% of the
> cases, but if we handle duplicate issues, please try to clear them up applying
> this rule.
> 

I think this bug depends on bug 280393 as it's know about stabilizing 3.5.2.

(let me know if I shouldn't add depend/block info on security bugs)
Comment 7 Samuli Suominen gentoo-dev 2009-10-19 11:07:46 UTC
amd64 stable
Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2009-11-09 12:56:07 UTC
x86 out of here.
Comment 9 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:36:06 UTC
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:03:23 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml
by GLSA coordinator Sean Amoss (ackle).