
CERT-In Advisory CIAD-2009-17
Multiple Vulnerabilities in Mozilla Products

Original issue date: March 31, 2009

Severity Rating: High

Systems Affected

  • Mozilla Firefox Versions prior to 3.0.
  • Mozilla SeaMonkey Versions prior to 1.1.16

Overview

Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey which could allow a remote attacker to execute arbitrary code, cause a denial of service, or potentially compromise an affected system.

Description

1. Mozilla Firefox '_moveToEdgeShift' Remote Code Execution Vulnerability (CVE-2009-1044)

This vulnerability is caused by an error in the processing of the XUL tree method "_moveToEdgeShift()" in Mozilla Firefox. A remote attacker could exploit this vulnerability via a specially crafted call to the _moveToEdgeShift() XUL tree method to trigger garbage collection of objects that are still in use. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code.

Note: Mozilla SeaMonkey is not affected by this issue.

2. Mozilla XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability (CVE-2009-1169)

This vulnerability is caused by improper handling of errors encountered when transforming an XML document in Mozilla Firefox and SeaMonkey. A remote attacker could exploit this vulnerability via specially crafted XSLT code to trigger stack memory corruption. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service condition.

Solution

Update to Mozilla Firefox version 3.0.8
http://www.mozilla.com/en-US/firefox/all.html

Update to Mozilla SeaMonkey version 1.1.16
http://www.mozilla.org/projects/seamonkey/
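The advisory's remediation is a version check: any Firefox 3.0.x build below 3.0.8 or SeaMonkey build below 1.1.16 still needs the update. The script below is an added example, not part of the CERT-In advisory, that applies those two thresholds to a software inventory; the inventory lines it reads are constructed sample data, and beta strings or products the advisory does not cover are reported as "unknown" rather than silently compared.

```python
"""Flag Mozilla installs below the fixed versions named in the advisory.

Added example (not CERT-In's code). Fixed versions come from the Solution
section: Firefox 3.0.8 and SeaMonkey 1.1.16. The inventory is constructed
sample data in the form "<host> <product> <version>".
"""
import re
from typing import List, Optional, Tuple

# Fixed versions from the advisory's Solution section.
FIXED_VERSIONS = {
    "firefox": (3, 0, 8),
    "seamonkey": (1, 1, 16),
}

# Constructed sample inventory (hypothetical hosts, not real data).
SAMPLE_INVENTORY = """\
ws01 firefox 3.0.7
ws02 firefox 3.0.8
ws03 seamonkey 1.1.15
ws04 seamonkey 1.1.16
ws05 firefox 3.0b5
ws06 thunderbird 2.0.0.21
"""


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Parse a dotted numeric version such as '3.0.7' into a tuple of ints.

    Returns None for anything that is not purely dotted digits (betas such
    as '3.0b5', blanks) so the caller reports it instead of guessing.
    """
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))


def is_fixed(product: str, version: str) -> Optional[bool]:
    """True if version is at or above the fixed release for product.

    False means the install is below the fix; None means the product is not
    covered by this advisory or the version string could not be parsed.
    Only the fix threshold is compared; other release branches are not
    modelled here.
    """
    fixed = FIXED_VERSIONS.get(product.lower())
    parsed = parse_version(version)
    if fixed is None or parsed is None:
        return None
    # Tuple comparison handles differing lengths: (3, 0) < (3, 0, 8).
    return parsed >= fixed


def triage(inventory: str) -> List[Tuple[str, str, str, str]]:
    """Return (host, product, version, status) per inventory line.

    status is 'fixed', 'VULNERABLE' or 'unknown'.
    """
    rows = []
    for line in inventory.strip().splitlines():
        host, product, version = line.split()
        result = is_fixed(product, version)
        if result is None:
            status = "unknown"
        elif result:
            status = "fixed"
        else:
            status = "VULNERABLE"
        rows.append((host, product, version, status))
    return rows


if __name__ == "__main__":
    for host, product, version, status in triage(SAMPLE_INVENTORY):
        print(f"{host:<6} {product:<11} {version:<9} {status}")
```

The "unknown" bucket is deliberate: a beta or an uncovered product should be reviewed by a person, not counted as patched by a script that cannot tell.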

Vendor Information

Mozilla
www.mozilla.org/security/announce/2009/mfsa2009-13.html
www.mozilla.org/security/announce/2009/mfsa2009-12.html

References

Bugzilla
https://bugzilla.mozilla.org/show_bug.cgi?id=485217
https://bugzilla.mozilla.org/show_bug.cgi?id=460090
https://bugzilla.mozilla.org/show_bug.cgi?id=485286
https://bugzilla.mozilla.org/show_bug.cgi?id=484320

Secunia
http://secunia.com/advisories/34471/3/

SecurityFocus
http://www.securityfocus.com/bid/34181
http://www.securityfocus.com/bid/34235/

SecurityTracker
http://securitytracker.com/alerts/2009/Mar/1021878.html
http://securitytracker.com/alerts/2009/Mar/1021939.html

VUPEN
http://www.vupen.com/english/advisories/2009/0853

MILW0RM
http://www.milw0rm.com/exploits/8285

CVE Name
CVE-2009-1044
CVE-2009-1169

CWE
CWE-94

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information
Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003