TITLE:
Mozilla Firefox Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA35914

VERIFY ADVISORY:
http://secunia.com/advisories/35914/

DESCRIPTION:
Some vulnerabilities have been reported in Mozilla Firefox, which can
be exploited by malicious people to conduct cross-site scripting
attacks or compromise a user's system.

1) Multiple errors in the browser engine can be exploited to corrupt
memory and potentially execute arbitrary code.

2) An integer overflow error in a base64 decoding function can be
exploited to corrupt memory and potentially execute arbitrary code.

3) An error in the handling of multiple RDF files in a XUL tree
element can be exploited to corrupt memory and potentially execute
arbitrary code.

4) An error exists in the construction of documents, which can result
in double copies of certain elements within this document.

5) An error in the handling of frames can be exploited to cause a
memory corruption and potentially execute arbitrary code.

6) Multiple errors in the JavaScript engine can be exploited to
corrupt memory and potentially execute arbitrary code.

7) An error in the handling of Flash objects when navigating to
another page can potentially be exploited to trigger a call to a
deleted object and potentially execute arbitrary code.

8) Multiple vulnerabilities in various font glyph rendering libraries
can be exploited by malicious people to compromise a user's system.

For more information:
SA35021

9) An error in the handling of SVG elements on which a watch function
and __defineSetter__ function have been set for a certain property can
be exploited to cause a memory corruption and execute arbitrary code.

10) An error when setTimeout() is invoked with certain object
parameters can result in the object losing its wrapper. This can
potentially be exploited to execute arbitrary JavaScript code with
chrome privileges.

11) Various errors in the handling of wrappers for objects can
potentially be exploited to access properties of such objects that
have been set by a different site and e.g. conduct cross-site
scripting attacks.

SOLUTION:
Update to version 3.0.12.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Martijn Wargers, Arno Renevier, Jesse Ruderman, Olli Pettay, and
Blake Kaplan
2) monarch2020
3) Christophe Charron
4) Yongqian Li
5) John Senchak
6) Peter Van der Beken, Mike Shaver, Jesse Ruderman, and Carsten Book
7) Attila Suszter
8) Will Drewry
9) PenPal
10) Blake Kaplan
11) moz_bug_r_a4

ORIGINAL ADVISORY:
Mozilla Foundation:
http://www.mozilla.org/security/announce/2009/mfsa2009-34.html
http://www.mozilla.org/security/announce/2009/mfsa2009-35.html
http://www.mozilla.org/security/announce/2009/mfsa2009-36.html
http://www.mozilla.org/security/announce/2009/mfsa2009-37.html
http://www.mozilla.org/security/announce/2009/mfsa2009-39.html
http://www.mozilla.org/security/announce/2009/mfsa2009-40.html

OTHER REFERENCES:
SA35021:
http://secunia.com/advisories/35021/