[Bug 210155] [NEW] [xulrunner] [DSA-1532-1] several vulnerabilities
hk47
bugtracker at slideomania.com
Tue Apr 1 09:23:18 UTC 2008
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: xulrunner
References:
DSA-1532-1 (http://www.debian.org/security/2008/dsa-1532)
Quoting:
"Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2007-4879
Peter Brodersen and Alexander Klink discovered that the
autoselection of SSL client certificates could lead to users
being tracked, resulting in a loss of privacy.
CVE-2008-1233
"moz_bug_r_a4" discovered that variants of CVE-2007-3738 and
CVE-2007-5338 allow the execution of arbitrary code through
XPCNativeWrapper.
CVE-2008-1234
"moz_bug_r_a4" discovered that insecure handling of event
handlers could lead to cross-site scripting.
CVE-2008-1235
Boris Zbarsky, Johnny Stenback, and "moz_bug_r_a4" discovered
that incorrect principal handling could lead to cross-site
scripting and the execution of arbitrary code.
CVE-2008-1236
Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats
Palmgren discovered crashes in the layout engine, which might
allow the execution of arbitrary code.
CVE-2008-1237
"georgi", "tgirmann" and Igor Bukanov discovered crashes in the
Javascript engine, which might allow the execution of arbitrary
code.
CVE-2008-1238
Gregory Fleischer discovered that HTTP Referrer headers were
handled incorrectly in combination with URLs containing Basic
Authentication credentials with empty usernames, resulting
in potential Cross-Site Request Forgery attacks.
CVE-2008-1240
Gregory Fleischer discovered that web content fetched through
the jar: protocol can use Java to connect to arbitrary ports.
This is only an issue in combination with the non-free Java
plugin.
CVE-2008-1241
Chris Thomas discovered that background tabs could generate
XUL popups overlaying the current tab, resulting in potential
spoofing attacks."
** Affects: xulrunner (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2007-4879
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1233
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1234
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1235
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1236
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1237
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1238
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1240
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1241
--
[xulrunner] [DSA-1532-1] several vulnerabilities
https://bugs.launchpad.net/bugs/210155
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to xulrunner in ubuntu.