CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 4th, 2009

7 Security Vulnerabilities Patched In Firefox 3.0.6 By Mozilla

Mozilla fixed at least 7 documented security vulnerabilities that expose Firefox 3 users to malicious hacker attacks. The Firefox 3.0.6 upgrade patches at least two critical Firefox flaws that may lead to arbitrary code execution attacks and another high risk bug that could be used to steal victim’s data:

MFSA 2009-06: Paul Nel reported that certain HTTP directives to not cache web pages, Cache-Control: no-store and Cache-Control: no-cache for HTTPS pages, were being ignored by Firefox 3. On a shared system, applications relying upon these HTTP directives could potentially expose private data. Another user on the system could use this vulnerability to view improperly cached pages containing private data by navigating the browser back.

MFSA 2009-05: Developer and Mozilla community member Wladimir Palant reported that cookies marked HTTPOnly were readable by JavaScript via the XMLHttpRequest.getResponseHeader and APIs. This vulnerability bypasses the security mechanism provided by the HTTPOnly flag which intends to restrict JavaScript access to document.cookie. XMLHttpRequest.getAllResponseHeaders. The fix prevents the XMLHttpRequest feature from accessing the Set-Cookie and Set-Cookie2 headers of any response whether or not the HTTPOnly flag was set for those cookies.

MFSA 2009-04: (Moderate severity) Mozilla security researcher Georgi Guninski reported that the fix for an earlier vulnerability reported by Liu Die Yu using local internet shortcut files to access other sites (MFSA 2008-47) could be bypassed by redirecting to a privileged about: URI such as about:plugins. If an attacker could get a victim to download two files, a malicious HTML file and a .desktop shortcut file, they could have the HTML document load a privileged chrome document via the shortcut and both documents would be treated as same origin. This vulnerability could potentially be used by an attacker to inject arbitrary code into the chrome document and execute with chrome privileges. Because this attack has relatively high complexity, the severity of this issue was determined to be moderate.

MFSA 2009-03: (High severity) Mozilla security researcher moz_bug_r_a4 reported that a form input control’s type could be changed during the restoration of a closed tab. An attacker could set an input control’s text value to the path of a local file whose location was known to the attacker. If the tab was then closed and the victim persuaded to re-open it, upon restoring the tab the attacker could use this vulnerability to change the input type to file. Scripts in the page could then automatically submit the form and steal the contents of the user’s local file.

MFSA 2009-02: (High severity) Mozilla security researcher moz_bug_r_a4 reported that a chrome XBL method can be used in conjuction with window.eval to execute arbitrary JavaScript within the context of another website, violating the same origin policy. Firefox 2 releases are not affected. Disable JavaScript until a version containing these fixes can be installed.

MFSA 2009-01: (Rated Critical)  Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

This is a high-priority update for any user that has Firefox installed, whether the browser used or not. The patch is being released automatically via Firefox’s built-in update mechanism.

Share this item with others:

More on CyberInsecure:
  • Firefox 2.0.0.13 Is Out
  • Numerous Securty Vulnerabilities Patched In Firefox 3.0.5
  • Five Vulnerabilities Patched In Firefox 3.0.2 and 2.0.0.17, Two Of Them Are Critical
  • Password Bug Fixed Sooner Than Expected in Firefox 3.0.3
  • JavaScript Bug Patched By Mozilla In Firefox 2.0.0.14

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: 7 Security Vulnerabilities Patched In Firefox 3.0.6 By Mozilla

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.