Five Vulnerabilities Patched In Firefox 3.0.2 and 2.0.0.17, Two Of Them Are Critical
Firefox 3.0.2 was released today with 5 fixes for security vulnerabilities. The Mozilla Foundation has addressed 2 critical and 2 moderate security vulnerabilities, 11 flaws in total. One of the bugs in both Firefox 2.0 and 3.0, although rated only low, was described by Mozilla as a variant of a “click-hijacking” vulnerability first reported in Microsoft Corp.’s Internet Explorer. Mozilla also addressed several other issues in Firefox with 3.0.2, including several stability problems and a bug that caused browsers with customized toolbars to delete the back and forward buttons.
Here is the list of patched security flaws:
MFSA 2008-44 (Moderate): protocol allowed directory traversal on Linux when using URL-encoded slashes. The restrictions imposed on local HTML files could be bypassed using the resource: protocol. The vulnerability allowed an attacker to read information about the system and prompt the victim to save the information in a file.
MFSA 2008-43 (Moderate): certain BOM characters are stripped from JavaScript code before it is executed. This can lead to code, which would otherwise be treated as part of a quoted string, to be executed. The issue could potentially be used by an attacker to bypass or evade script filters and perform an XSS attack. HTML parser also ignored certain low surrogate characters if they were HTML-escaped. This issue could potentially be used to bypass naive script filtering and used in an XSS attack. This issue only affected Firefox 2.
MFSA 2008-42 (Critical): crashes due to several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Crashes in Mozilla image rendering code affected Firefox 3. Crash in graphics rendering affected Firefox 3.
MFSA 2008-41 (Critical): series of vulnerabilities by which page content can pollute XPCNativeWrappers and have arbitrary code run with chrome privileges. One variant reported to affect only Firefox 2. These issues could also be used by an attacker to run arbitrary script with chrome privileges.
MFSA 2008-40 (Low): click-hijacking vulnerability discovered in Internet Explorer allowed an attacker to move the content window while the mouse was being clicked, causing an item to be dragged rather than clicked-on. This issue could potentially be used to force a user to download a file or perform other drag-and-drop actions.
Some of the vulnerabilities described may not require exploits. For the issues that do require exploit code, there are no reports of any publicly available exploits.
The update (2.0.0.17) is also available for Firefox 2 users. Mozilla patched all but one of the bugs fixed in 3.0.2, but also addressing several issues specific to the aging browser. It’s unclear how many more updates Mozilla will release for Firefox 2, they are not produced on a set schedule, because it has already announced it will drop the browser this December. Mozilla continues to urge users to upgrade to Firefox 3.0.
More on CyberInsecure:
Posts
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.