Firefox 3.6
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
firefox 3.6.6+nobinonly-0ubuntu0.8.04.1
xulrunner-1.9.2 1.9.2.6+nobinonly-0ubuntu0.8.04.1
Ubuntu 10.04 LTS:
abrowser 3.6.6+nobinonly-0ubuntu0.10.04.1
firefox 3.6.6+nobinonly-0ubuntu0.10.04.1
xulrunner-1.9.2 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2
Mozilla has changed the support model for Firefox and they no longer
support version 3.0 of the browser and will only support version 3.5 of the
browser for a while longer. As a result, Ubuntu is providing an upgrade to
Firefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current
stable release of Firefox supported by Mozilla. When upgrading, users
should be aware of the following:
- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use
icedtea6-plugin or sun-java6-plugin instead.
Problem Description:
Security issues were identified and fixed in firefox:
Security researcher regenrecht reported (via TippingPoint's Zero Day
Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
handling of multipart/x-mixed-replace images. Although no exploit was
shown, re-use of freed memory has led to exploitable vulnerabilities
in the past (CVE-2010-0164).
Mozilla developers identified and fixed several stability bugs in the
Good question. Confirmed on Linux version as well (Mozilla/5.0 (X11; U;
Linux i686; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6). More
information about the rogue-CA can be found here:
http://www.phreedom.org/research/rogue-ca/.
# openssl x509 -in MD5CollisionsInc.pem -noout -text
Certificate:
Title: Firefox 3.6.3 (latest) <= memory exhaustion crash vulnerabilities
0x01. Description:
Memory exhaustion in Firefox 3.6.3 (latest) and earlier prevents Firefox from inserting text into the body element, after which it crashes.
( exception raised using PoC #1, read access violation on a low memory address using PoC #2 )
Of course, a variation of the PoC produced a NULL pointer dereference, so code execution may also be possible ( 0.1 % ). :-)
URL: http://www.x90c.org/advisories/firefox_3.6.3_crash_advisory.txt
---------------------------------------------------------------------------
Title: Setting arbitrary Personas without user interaction in Firefox 3.6
Product: Mozilla Firefox
Version: 3.6
PoC: http://wtikay.com/personas/
By: Artur Janc
Date: 01/26/2010
---------------------------------------------------------------------------
1. OVERVIEW
Security issues were identified and fixed in Mozilla Firefox and
Thunderbird:
Mozilla developers and community members identified and fixed several
memory safety bugs in the browser engine used in Firefox 3.6 and
other Mozilla-based products. Some of these bugs showed evidence of
memory corruption under certain circumstances, and we presume that
with enough effort at least some of these could be exploited to run
arbitrary code (CVE-2011-2982).
In Firefox 3.6 for Windows, go to Tools -> Options -> Advanced -> Encryption ->
View Certificates -> Authorities and scroll down to the entry for "Equifax
Secure Inc." and you'll see a cert labeled "MD5 Collisions Inc
(http://www.phreedom.org/md5)" grouped with the other Equifax certs.
Yes, it's expired, so it poses no real threat, but why is the Mozilla Project
shipping Firefox with that cert? It just causes FUD.
--
Fran
applications that use Xulrunner to effect the necessary changes.
Details follow:
USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and
9.10. This update provides updated packages for use with Firefox 3.6 and
Xulrunner 1.9.2.
Original advisory details:
It was discovered that Firefox could be made to access freed memory. If a
On Fri, Mar 19, 2010 at 08:22:16PM +0000, Francis Litterio wrote:
> In Firefox 3.6 for Windows, go to Tools -> Options -> Advanced -> Encryption ->
> View Certificates -> Authorities and scroll down to the entry for "Equifax
> Secure Inc." and you'll see a cert labeled "MD5 Collisions Inc
> (http://www.phreedom.org/md5)" grouped with the other Equifax certs.
>
> Yes, it's expired, so it poses no real threat, but why is the Mozilla Project
> shipping Firefox with that cert? It just causes FUD.
https://bugzilla.mozilla.org/show_bug.cgi?id=471715 is the associated mozilla bug.
Vulnerable versions are Firefox 3.0.13 and previous versions (and 3.5.x
should also be vulnerable).
As I wrote in my article Cross-Site Scripting attacks via redirectors
(http://websecurity.com.ua/3386/), later I found that this vulnerability
also exists in browsers SeaMonkey 1.1.17, Firefox 3.6 a1 pre, Firefox 3.7 a1
pre, Orca Browser 1.2 build 5 and Maxthon 3 Alpha (3.0.0.145) with
Ultramode.
Best wishes & regards,
MustLive
the necessary changes.
Details follow:
USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging
problem, the Firefox 3.6 update could not be installed when the firefox-2
package was also installed. This update fixes the problem and updates
apturl for the change.
Original advisory details:
use Xulrunner to effect the necessary changes.
Details follow:
USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update
provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on
Ubuntu 8.04 LTS.
Original advisory details:
It was discovered that Firefox could be made to access freed memory. If a