SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Web Browser)  >   Mozilla Firefox Vendors:   Mozilla.org
(Oracle Issues Fix for Oracle Linux) Mozilla Firefox Multiple Bugs Let Remote Users Spoof the Address Bar, Bypass Security Restrictions, and Execute Arbitrary Code
SecurityTracker Alert ID:  1042024
SecurityTracker URL:  http://securitytracker.com/id/1042024
CVE Reference:   CVE-2017-16541, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379   (Links to External Site)
Date:  Nov 2 2018
Impact:   Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Multiple vulnerabilities were reported in Mozilla Firefox. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can bypass security controls on the target system. A remote user can spoof the address bar.

A remote user can use a 'javascript:' URI with JavaScript to insert text before the domain name to spoof the address bar [CVE-2018-12382]. Firefox for Android is affected.

A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A use-after-free memory error may occur in certain cases when refresh driver timers are refreshed [CVE-2018-12377].

A use-after-free memory error may occur when an IndexedDB index is deleted while still in use [CVE-2018-12378].

An out-of-bounds memory write error may occur when the Mozilla Updater opens a MAR format file that contains a very long item filename [CVE-2018-12379].

When the automount feature with autofs is used to create a mount point on the local file system, content can be loaded from this file system using a 'file:' URI without being processed via the proxy settings [CVE-2017-16541]. macOS is affected. Linux-based systems with autofs installed are also affected.

When the target user drags and drops an Outlook email message into the browser, a page navigation may occur [CVE-2018-12381]. Windows-based systems with Outlook installed are affected.

When a master password is set after version 58.0, unencrypted passwords are not deleted [CVE-2018-12383].

Other memory safety errors may occur [CVE-2018-12375, CVE-2018-12376].

Alex Gaynor, Andrei Cristian Petcu, Bogdan Tara, Boris Zbarsky, Christian Holler, Christoph Diehl, Filippo Cavallarin, Gary Kwong, Holger Fuhrmannek, Jana Squires, Jason Kratzer, Jed Davis, Jesse Ruderman, Jordi Chancel, Jurgen Gaeremyn, Karl Tomlinson, Looben Yang, Mats Palmgren, Nicolas Grunbaum, Nika Layzell, Nils, Sebastian Hengst, Ted Campbell, Tyson Smith, and Zhanjia Song reported these vulnerabilities.

Impact:   A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.

A remote user can bypass security controls on the target system.

A remote user can spoof the address bar.

Solution:   Oracle has issued a fix for CVE-2017-16541, CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, and CVE-2018-12379.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2018-3006.html

Vendor URL:  linux.oracle.com/errata/ELSA-2018-3006.html (Links to External Site)
Cause:   Access control error, Input validation error, State error
Underlying OS:  Linux (Oracle)
Underlying OS Comments:  6

Message History:   This archive entry is a follow-up to the message listed below.
Sep 7 2018 Mozilla Firefox Multiple Bugs Let Remote Users Spoof the Address Bar, Bypass Security Restrictions, and Execute Arbitrary Code



 Source Message Contents

Subject:  [El-errata] ELSA-2018-3006 Critical: Oracle Linux 6 firefox security update

Oracle Linux Security Advisory ELSA-2018-3006

http://linux.oracle.com/errata/ELSA-2018-3006.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
firefox-60.3.0-1.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/firefox-60.3.0-1.0.1.el6.src.rpm



Description of changes:

[60.3.0-1.0.1]
- fix LD_LIBRARY_PATH
- Add firefox-oracle-default-prefs.js and remove the corresponding Red 
Hat one

[60.3.0-1]
- Update to 60.3.0 ESR

[60.2.2-2]
- Added patch for rhbz#1633932

[60.2.2-1]
- Update to 60.2.2 ESR

[60.2.1-1]
- Update to 60.2.1 ESR

[60.2.0-1]
- Update to 60.2.0 ESR

[60.1.0-9]
- Do not set user agent (rhbz#1608065)
- GTK dialogs are localized now (rhbz#1619373)
- JNLP association works again (rhbz#1607457)

[60.1.0-8]
- Fixed homepage and bookmarks (rhbz#1606778)
- Fixed missing file associations in RHEL6 (rhbz#1613565)

[60.1.0-7]
- Run at-spi-bus if not running already (for the bundled gtk3)

[60.1.0-6]
- Fix for missing schemes for bundled gtk3

[60.1.0-5]
- Added mesa-libEGL dependency to gtk3/rhel6

[60.1.0-4]
- Disabled jemalloc on all second arches

[60.1.0-3]
- Updated to 60.1.0 ESR build2

[60.1.0-2]
- Disabled jemalloc on second arches

[60.1.0-1]
- Updated to 60.1.0 ESR

[60.0-12]
- Fixing bundled libffi issues
- Readded some requirements

[60.0-10]
- Added fix for mozilla BZ#1436242 - IPC crashes.

[60.0-9]
- Bundling libffi for the sec-arches
- Added openssl-devel for the Python
- Fixing bundled gtk3

[60.0-8]
- Added fix for mozilla BZ#1458492

[60.0-7]
- Added patch from rhbz#1498561 to fix ppc64(le) crashes.

[60.0-6]
- Disabled jemalloc on second arches

[60.0-4]
- Update to 60.0 ESR


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC