SecurityTracker.com
Category:   Application (Web Browser)  >   Mozilla Firefox
Vendors:   Mozilla.org
Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs
SecurityTracker Alert ID:  1024226
SecurityTracker URL:  http://securitytracker.com/id/1024226
CVE Reference:   CVE-2010-0654, CVE-2010-1206, CVE-2010-1207, CVE-2010-1210, CVE-2010-1213, CVE-2010-2751, CVE-2010-2754
Updated:  Jul 21 2010
Original Entry Date:  Jul 21 2010
Impact:   Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Modification of system information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 3.5.11, prior to 3.6.7
Description:   Several vulnerabilities were reported in Mozilla Firefox. A remote user can bypass same-site domain controls. A remote user can spoof URLs in the address bar.

A remote user can exploit the Web Worker method importScripts to read and parse resources from other domains [CVE-2010-1213]. Mozilla SeaMonkey is affected. Yosuke Hasegawa reported this vulnerability.

A remote user can exploit a canvas element to read data from another site [CVE-2010-1207]. Mozilla developer Vladimir Vukicevic reported this vulnerability.

A remote user can use specially crafted 8-bit character encodings to cause certain characters not to be displayed [CVE-2010-1210]. This can be exploited to conduct cross-site scripting and other attacks. O. Andersen reported this vulnerability.

A remote user can open a new window that contains a resource that responds with an HTTP 204 (no content) and then use the reference to the new window to insert HTML content into the blank document. A remote user can also open a new window and then call window.stop() before the document is loaded. These methods allow the remote user to spoof the location bar [CVE-2010-1206]. Mozilla SeaMonkey is affected. Google security researcher Michal Zalewski reported this vulnerability.

A remote user can redirect a request for a plaintext resource to another resource that is protected by a valid SSL/TLS certificate and then make a second request to the original plaintext resource with a response containing JavaScript history.back() and history.forward() calls, causing the plaintext resource to be displayed with valid SSL/TLS badging in the location bar [CVE-2010-2751]. Mozilla SeaMonkey is affected. Jordi Chancel reported this vulnerability.

A remote user that can inject bogus CSS selectors into a target site and then retrieve the data using JavaScript APIs can obtain data from a different domain [CVE-2010-0654]. Mozilla SeaMonkey is affected. Google security researcher Chris Evans reported this vulnerability.

A remote user can trigger script errors in which the script filename and line number are included in the error message, and thereby obtain potentially sensitive URL parameters from other domains [CVE-2010-2754]. Mozilla SeaMonkey is affected. Soroush Dalili reported this vulnerability.

Impact:   A remote user can bypass same-site domain controls.

A remote user can spoof URLs in the address bar.

Solution:   The vendor has issued a fix (3.5.11, 3.6.7).
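As an added example (not code from SecurityTracker or Mozilla), a small Python triage helper that encodes the advisory's version statement, "prior to 3.5.11, prior to 3.6.7", so an inventory of Firefox builds can be sorted into affected and fixed; the branch logic is this example's literal reading of that statement, and the sample inventory is constructed.

```python
"""Triage Firefox version strings against SecurityTracker Alert 1024226.

Added example, not SecurityTracker's or Mozilla's code.  The two fixed
versions (3.5.11 and 3.6.7) come from the advisory; the branch handling
below is an assumption read literally from "prior to 3.5.11, prior to 3.6.7".
"""
import re

FIXED_3_5 = (3, 5, 11)   # fix on the 3.5 line, per the advisory
FIXED_3_6 = (3, 6, 7)    # fix on the 3.6 line, per the advisory


def parse_version(version: str) -> tuple:
    """Turn '3.6.6' or '3.6' into a 3-tuple of ints ('3.6' -> (3, 6, 0)).

    Only plain dotted-numeric strings are accepted; anything else (for
    example a pre-release suffix) raises so it is triaged by hand rather
    than silently classified.
    """
    text = version.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"unsupported Firefox version string: {version!r}")
    parts = tuple(int(p) for p in text.split("."))
    return (parts + (0, 0, 0))[:3]


def is_affected(version: str) -> bool:
    """True when the version falls inside an affected range of the advisory.

    3.6.7 and later are fixed; 3.6.0 through 3.6.6 are "prior to 3.6.7";
    3.5.11 through 3.5.x are fixed on the 3.5 line; anything older is
    "prior to 3.5.11" and is flagged.
    """
    v = parse_version(version)
    if v >= FIXED_3_6:
        return False
    if v >= (3, 6, 0):
        return True
    if v >= FIXED_3_5:
        return False
    return True


def triage(versions):
    """Map each observed version string to 'affected' or 'fixed'."""
    return {v: ("affected" if is_affected(v) else "fixed") for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real data.
    for ver, status in triage(["3.5.10", "3.5.11", "3.6.6", "3.6.7", "3.6"]).items():
        print(f"Firefox {ver}: {status}")
```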

The vendor's advisories are available at:

http://www.mozilla.org/security/announce/2010/mfsa2010-42.html
http://www.mozilla.org/security/announce/2010/mfsa2010-43.html
http://www.mozilla.org/security/announce/2010/mfsa2010-44.html
http://www.mozilla.org/security/announce/2010/mfsa2010-45.html
http://www.mozilla.org/security/announce/2010/mfsa2010-46.html
http://www.mozilla.org/security/announce/2010/mfsa2010-47.html

Vendor URL:  www.mozilla.org/security/announce/2010/mfsa2010-42.html
Cause:   Access control error, Input validation error, State error
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jul 21 2010 (Red Hat Issues Fix) Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs   (bugzilla@redhat.com)
Red Hat has issued a fix for Red Hat Enterprise Linux 4 and 5.
Jul 21 2010 (Red Hat Issues Fix for SeaMonkey) Mozilla Firefox Bugs Let Remote Users Bypass Same-Domain Controls and Spoof URLs   (bugzilla@redhat.com)
Red Hat has issued a fix for SeaMonkey for CVE-2010-2751 and CVE-2010-2754 for Red Hat Enterprise Linux 3 and 4.



Source Message Contents

Date:  Wed, 21 Jul 2010 02:38:31 +0000
Subject:  Mozilla Firefox


CVE-2010-0654
CVE-2010-1206
CVE-2010-1207
CVE-2010-1210
CVE-2010-1213
CVE-2010-2751
CVE-2010-2754

Copyright 2013, SecurityGlobal.net LLC