Mozilla Firefox / Thunderbird / SeaMonkey Multiple

by Carol~ Moderator - 10/12/12 7:06 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities

Release Date : 2012-10-11
Last Update : 2012-10-12

Criticality level : Highly critical
Impact: Security Bypass
System access
Where : From remote
Solution Status : Vendor Patch

Software: Mozilla Firefox 16.x
Mozilla SeaMonkey 2.x
Mozilla Thunderbird 16.x

Description:
Some vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

1) The protected "location" object is accessible by other domain objects, which can be exploited to bypass the same origin policy and gain access to sensitive information.

2) An unspecified error within the "FT2FontEntry::CreateFontEntry()" function can be exploited to corrupt memory.

3) An unspecified error within the "mozilla::net::FailDelayManager::Lookup()" function when handling certain websockets can be exploited to corrupt memory.

4) An error within security wrappers does not unwrap the "defaultValue" properly and can be exploited to gain access to the "location" object.

The vulnerabilities are reported in Firefox and Thunderbird versions prior to 16.0.1 and SeaMonkey versions prior to 2.13.1.

Solution:
Update Firefox and Thunderbird to versions 16.0.1 and SeaMonkey to version 2.13.1.

Provided and/or discovered by:
1) Gareth Heyes
2, 3) Reported by the vendor.
4) The vendor credits moz_bug_r_a4.

Original Advisory:
Mozilla:
http://blog.mozilla.org/security/2012/10/10/security-vulnerability-in-firefox-16/
http://www.mozilla.org/security/announce/2012/mfsa2012-88.html
http://www.mozilla.org/security/announce/2012/mfsa2012-89.html

Gareth Heyes:
http://www.thespanner.co.uk/2012/10/10/firefox-knows-what-your-friends-did-last-summer/

http://secunia.com/advisories/50932