CERT-In Advisory
CIAD-2012-0051
Multiple Vulnerabilities in Mozilla Products
Original Issue Date: October 22, 2012
Severity Rating: High
Systems Affected
- Mozilla Firefox versions prior to 16.0
- Mozilla Firefox ESR versions prior to 10.0.8
- Mozilla Thunderbird versions prior to 16.0
- Mozilla Thunderbird ESR versions prior to 10.0.8
- Mozilla SeaMonkey versions prior to 2.13
Overview
Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which could allow a remote attacker to execute arbitrary code on the target user's system, to conduct cross-site scripting and spoofing attacks, to bypass certain security restrictions and potentially compromise an affected system.
Description
1. Mozilla Remote Code Execution Vulnerabilities
(
CVE-2012-3982
CVE-2012-3983
CVE-2012-3986
CVE-2012-3988
CVE-2012-3989
CVE-2012-3990
CVE-2012-3991
CVE-2012-3995
CVE-2012-4179
CVE-2012-4180
CVE-2012-4181
CVE-2012-4182
CVE-2012-4183
CVE-2012-4185
CVE-2012-4186
CVE-2012-4187
CVE-2012-4188
)
These vulnerabilities in Mozilla Products are caused due to invalid cast error during use of instanceof operator, memory corruption errors, use-after-free errors in IME State Manager code, DOMSVGTests::GetRequiredFeatures(), mozRequestFullScreen method and history.back method, Buffer overflow errors in nsCharTraits::length(), Convolve3x3(), nsCharTraits::length() and nsHTMLEditor::IsPrevCharInNodeWhitespace() and access control errors in DOMWindowUtils method and GetProperty().Successful exploitation of these vulnerabilities may allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash)
2. Mozilla Cross Site Scripting Vulnerabilities
(
CVE-2012-3985
CVE-2012-3992
CVE-2012-3993
CVE-2012-3994
CVE-2012-4184
)
These vulnerabilities are caused due to improper implementation of HTML5 Same Origin Policy, Chrome Object Wrapper (COW) and improper management of history data. A remote attacker could exploit these vulnerabilities to execute arbitrary JavaScript code by convincing a user to visit a specially crafted malicious web page and conduct cross-site scripting (XSS) attacks with the privileges of the target user.
3. Select Element Spoofing Vulnerability
(
CVE-2012-3984
)
This vulnerability in Mozilla products for Windows occurs due to improper handling of navigation away from a web page with an active {select} menu. Successful exploitation could allow an attacker to spoof page contents by covering arbitrary portions of the new page through absolute positioning.
4. Mozilla Firefox for Android Security Bypass Vulnerability
(
CVE-2012-3987
)
This vulnerability in Mozilla Firefox on Android occurs when the contents of a page are not properly sanitized if it is transitioned into Reader Mode and gains Chrome privileges. A remote attacker could exploit this vulnerability by convincing a user to enable reader mode for a malicious page which could lead attacker to bypass intended access restrictions.
Solution
Upgrade to Mozilla Firefox version 16.0 or 10.0.8:
http://www.mozilla.com/firefox/
Upgrade to Mozilla Thunderbird version 16.0 or 10.0.8:
http://www.mozilla.com/thunderbird/
Upgrade to Mozilla SeaMonkey version 2.13:
http://www.mozilla.com/seamonkey/
Vendor Information
Mozilla
http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
http://www.mozilla.org/security/announce/2012/mfsa2012-75.html
http://www.mozilla.org/security/announce/2012/mfsa2012-76.html
http://www.mozilla.org/security/announce/2012/mfsa2012-77.html
http://www.mozilla.org/security/announce/2012/mfsa2012-78.html
http://www.mozilla.org/security/announce/2012/mfsa2012-79.html
http://www.mozilla.org/security/announce/2012/mfsa2012-80.html
http://www.mozilla.org/security/announce/2012/mfsa2012-81.html
http://www.mozilla.org/security/announce/2012/mfsa2012-82.html
http://www.mozilla.org/security/announce/2012/mfsa2012-83.html
http://www.mozilla.org/security/announce/2012/mfsa2012-84.html
http://www.mozilla.org/security/announce/2012/mfsa2012-85.html
http://www.mozilla.org/security/announce/2012/mfsa2012-86.html
http://www.mozilla.org/security/announce/2012/mfsa2012-87.html
References
Mozilla
http://www.mozilla.org/security/announce/2012/mfsa2012-74.html
http://www.mozilla.org/security/announce/2012/mfsa2012-75.html
http://www.mozilla.org/security/announce/2012/mfsa2012-76.html
http://www.mozilla.org/security/announce/2012/mfsa2012-77.html
http://www.mozilla.org/security/announce/2012/mfsa2012-78.html
http://www.mozilla.org/security/announce/2012/mfsa2012-79.html
http://www.mozilla.org/security/announce/2012/mfsa2012-80.html
http://www.mozilla.org/security/announce/2012/mfsa2012-81.html
http://www.mozilla.org/security/announce/2012/mfsa2012-82.html
http://www.mozilla.org/security/announce/2012/mfsa2012-83.html
http://www.mozilla.org/security/announce/2012/mfsa2012-84.html
http://www.mozilla.org/security/announce/2012/mfsa2012-85.html
http://www.mozilla.org/security/announce/2012/mfsa2012-86.html
http://www.mozilla.org/security/announce/2012/mfsa2012-87.html
SecurityTracker
http://securitytracker.com/id/1027631
http://securitytracker.com/id/1027632
http://securitytracker.com/id/1027633
Security Focus
http://www.securityfocus.com/bid/55856/
CVE Name
CVE-2012-3982
CVE-2012-3983
CVE-2012-3984
CVE-2012-3985
CVE-2012-3986
CVE-2012-3987
CVE-2012-3988
CVE-2012-3989
CVE-2012-3990
CVE-2012-3991
CVE-2012-3992
CVE-2012-3993
CVE-2012-3994
CVE-2012-3995
CVE-2012-4179
CVE-2012-4180
CVE-2012-4181
CVE-2012-4182
CVE-2012-4183
CVE-2012-4184
CVE-2012-4185
CVE-2012-4186
CVE-2012-4187
CVE-2012-4188
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, CGO Complex, Lodhi Road,
New Delhi - 110 003
India
|