USN-2424-1: Firefox vulnerabilities

Ubuntu Security Notice USN-2424-1

2nd December, 2014

firefox vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 14.10


• Ubuntu 14.04 LTS


• Ubuntu 12.04 LTS

Summary

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Software description

• firefox - Mozilla Open Source web browser

Details

Gary Kwong, Randell Jesup, Nils Ohlmeier, Jesse Ruderman, Max Jonas

Werner, Christian Holler, Jon Coppeard, Eric Rahm, Byron Campen, Eric

Rescorla, and Xidorn Quan discovered multiple memory safety issues in

Firefox. If a user were tricked in to opening a specially crafted website,

an attacker could potentially exploit these to cause a denial of service

via application crash, or execute arbitrary code with the privileges of

the user invoking Firefox. (CVE-2014-1587, CVE-2014-1588)

Cody Crews discovered a way to trigger chrome-level XBL bindings from web

content in some circumstances. If a user were tricked in to opening a

specially crafted website, an attacker could potentially exploit this to

bypass security restrictions. (CVE-2014-1589)

Joe Vennix discovered a crash when using XMLHttpRequest in some

circumstances. If a user were tricked in to opening a specially crafted

website, an attacker could potentially exploit this to cause a denial of

service. (CVE-2014-1590)

Muneaki Nishimura discovered that CSP violation reports did not remove

path information in some circumstances. If a user were tricked in to

opening a specially crafted website, an attacker could potentially

exploit this to obtain sensitive information. (CVE-2014-1591)

Berend-Jan Wever discovered a use-after-free during HTML parsing. If a

user were tricked in to opening a specially crafted website, an attacker

could potentially exploit this to cause a denial of service via

application crash or execute arbitrary code with the privileges of the

user invoking Firefox. (CVE-2014-1592)

Abhishek Arya discovered a buffer overflow when parsing media content. If

a user were tricked in to opening a specially crafted website, an attacker

could potentially exploit this to cause a denial of service via

application crash or execute arbitrary code with the privileges of the

user invoking Firefox. (CVE-2014-1593)

Byoungyoung Lee, Chengyu Song, and Taesoo Kim discovered a bad cast in the

compositor. If a user were tricked in to opening a specially crafted

website, an attacker could potentially exploit this to cause undefined

behaviour, a denial of service via application crash or execute abitrary

code with the privileges of the user invoking Firefox. (CVE-2014-1594)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 14.10:

firefox 34.0+build2-0ubuntu0.14.10.2

Ubuntu 14.04 LTS:

firefox 34.0+build2-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:

firefox 34.0+build2-0ubuntu0.12.04.1

To update your system, please follow these instructions: http://bit.ly/1aJDvTw.

After a standard system update you need to restart Firefox to make

all the necessary changes.

References

CVE-2014-1587, CVE-2014-1588, CVE-2014-1589, CVE-2014-1590, CVE-2014-1591, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594

from Ubuntu Security Notices http://bit.ly/1tAZwwE