The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Firefox, Thunderbird, SeaMonkey: several vulnerabilities

Synthesis of the vulnerability 

Several vulnerabilities of Firefox, Thunderbird and SeaMonkey can be used by an attacker to execute code on victim's computer.
Impacted products: Debian, Fedora, Mandriva Linux, Firefox, SeaMonkey, Thunderbird, OpenSolaris, openSUSE, Solaris, RHEL, Slackware, SLES.
Severity of this bulletin: 4/4.
Number of vulnerabilities in this bulletin: 7.
Creation date: 29/04/2011.
Références of this threat: BID-47635, BID-47641, BID-47646, BID-47647, BID-47648, BID-47651, BID-47653, BID-47654, BID-47655, BID-47656, BID-47657, BID-47659, BID-47660, BID-47661, BID-47662, BID-47663, BID-47666, BID-47667, BID-47668, CERTA-2003-AVI-001, CERTA-2011-AVI-196, CERTA-2011-AVI-267, CERTFR-2014-AVI-112, CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0068, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0076, CVE-2011-0077, CVE-2011-0078, CVE-2011-0079, CVE-2011-0080, CVE-2011-0081, CVE-2011-1202, DSA-2227-1, DSA-2228-1, DSA-2235-1, FEDORA-2011-6205, FEDORA-2011-6245, FEDORA-2011-6258, MDVSA-2011:079, MDVSA-2011:080, MFSA 2011-12, MFSA 2011-13, MFSA 2011-14, MFSA 2011-15, MFSA 2011-16, MFSA 2011-17, MFSA 2011-18, openSUSE-SU-2011:0437-1, openSUSE-SU-2014:1100-1, RHSA-2011:0471-01, RHSA-2011:0473-01, RHSA-2011:0474-01, RHSA-2011:0475-01, SSA:2011-122-01, SSA:2011-122-02, SSA:2011-122-03, SUSE-SA:2011:022, VIGILANCE-VUL-10605.

Description of the vulnerability 

Several vulnerabilities were announced in Firefox, Thunderbird and SeaMonkey.

An attacker can use several memory corruptions, in order to execute code. [severity:4/4; BID-47641, BID-47646, BID-47647, BID-47648, BID-47651, BID-47653, BID-47654, BID-47655, BID-47656, BID-47657, CVE-2011-0069, CVE-2011-0070, CVE-2011-0072, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0079, CVE-2011-0080, CVE-2011-0081, MFSA 2011-12]

An attacker can use several pointer dangling errors, in order to execute code. [severity:4/4; BID-47659, BID-47662, BID-47663, CERTA-2011-AVI-267, CVE-2011-0065, CVE-2011-0066, CVE-2011-0073, MFSA 2011-13]

An attacker can use a Java applet, in order to read the form history. [severity:2/4; BID-47667, CVE-2011-0067, MFSA 2011-14]

On Mac OS X, an attacker can use JEP (Java Embedding Plugin), in order to execute code. [severity:4/4; BID-47660, CVE-2011-0076, MFSA 2011-15]

An attacker can use a "resource:" uri, in order to access to system resources. [severity:2/4; BID-47666, CVE-2011-0071, MFSA 2011-16]

An attacker can use a vulnerability of WebGLES, in order to bypass ASLR. [severity:4/4; BID-47661, CVE-2011-0068, MFSA 2011-17]

An attacker can use the XSLT XPath generate-id() function, in order to obtain a memory address (VIGILANCE-VUL-10441). [severity:1/4; BID-47668, CVE-2011-1202, MFSA 2011-18]

The most severe vulnerabilities lead to code execution.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer vulnerability bulletin impacts software or systems such as Debian, Fedora, Mandriva Linux, Firefox, SeaMonkey, Thunderbird, OpenSolaris, openSUSE, Solaris, RHEL, Slackware, SLES.

Our Vigil@nce team determined that the severity of this vulnerability bulletin is critical.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 7 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this threat note.

Solutions for this threat 

Firefox: version 4.0.1.
The version 4.0.1 is corrected:
  http://www.mozilla-europe.org/fr/

Firefox: version 3.6.17.
The version 3.6.17 is corrected:
  http://www.mozilla.com/en-US/firefox/all-older.html

Firefox: version 3.5.19.
The version 3.5.19 is corrected:
  http://www.mozilla.com/en-US/firefox/all-older.html

Thunderbird: version 3.1.10.
The version 3.1.10 is corrected:
  http://www.mozillamessaging.com/fr/thunderbird/

SeaMonkey: version 2.0.14.
The version 2.0.14 is corrected:
  http://www.seamonkey-project.org/releases/

Debian: new iceape packages.
New packages are available:
  iceape 2.0.11-5

Debian: new icedove packages.
New packages are available:
  Debian squeeze: icedove version 3.0.11-1+squeeze2

Debian: new iceweasel packages.
New packages are available:
  iceweasel 3.5.16-7

Fedora 13: new firefox packages.
New packages are available:
  firefox-3.6.17-1.fc13

Fedora 14: new firefox packages.
New packages are available:
  firefox-3.6.17-1.fc14

Fedora: new seamonkey packages.
New packages are available:
  Fedora 14: seamonkey-2.0.14-1.fc14
  Fedora 13: seamonkey-2.0.14-1.fc13

Mandriva: new firefox packages.
New packages are available:
  firefox-3.6.17-0.1mdv2009.0
  firefox-3.6.17-0.1mdv2010.0
  firefox-3.6.17-0.1mdv2010.2
  firefox-3.6.17-0.1mdvmes5.2

Mandriva: new mozilla-thunderbird packages.
New packages are available:
  mozilla-thunderbird-3.1.10-0.1mdv2009.0
  mozilla-thunderbird-3.1.10-0.1mdv2010.0
  mozilla-thunderbird-3.1.10-0.1mdv2010.2

openSUSE 11.4: new MozillaFirefox packages (09/09/2014).
New packages are available:
  openSUSE 11.4: MozillaFirefox 24.8.0-127.1

RHEL 4, 5: new thunderbird packages.
New packages are available:
Red Hat Enterprise Linux version 4:
  thunderbird-1.5.0.12-38.el4
Red Hat Enterprise Linux version 5:
  thunderbird-2.0.0.24-17.el5_6

RHEL 4: new seamonkey packages.
New packages are available:
  seamonkey-1.0.9-70.el4_8

RHEL 6.0: new thunderbird packages.
New packages are available:
  thunderbird-3.1.10-1.el6_0

RHEL: new firefox packages.
New packages are available:
  firefox-3.6.17-2.el4
  firefox-3.6.17-1.el5_6
  firefox-3.6.17-1.el6_0

Slackware: new mozilla-firefox packages.
New packages are available:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-firefox-3.6.17-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-firefox-3.6.17-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-firefox-3.6.17-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-firefox-4.0.1-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-firefox-3.6.17-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-firefox-4.0.1-x86_64-1_slack13.37.txz

Slackware: new mozilla-thunderbird packages.
New packages are available:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-thunderbird-3.1.10-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-thunderbird-3.1.10-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-thunderbird-3.1.10-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.37.txz

Slackware: new seamonkey packages.
New packages are available:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/seamonkey-2.0.14-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/seamonkey-2.0.14-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/seamonkey-2.0.14-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.1.txz

Solaris: patch for Thunderbird.
A patch is available:
Solaris 10 :
  SPARC: 145200-06
  X86: 145201-06
Solaris 11 Express :
  snv_151a + 7037668

SUSE: new MozillaFirefox, seamonkey, MozillaThunderbird packages.
New packages are available, as indicated in information sources.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a software vulnerability workaround. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.