Multiple vulnerabilities in Mozilla - GoFuckYourself.com

jimmyf · 09-17-2004, 05:31 PM

Technical Cyber Security Alert TA04-261A
Multiple vulnerabilities in Mozilla products

Original release date: September 17, 2004 Last revised: -- Source: US-CERT
Systems Affected

Mozilla software, including the following:

* Mozilla web browser, email and newsgroup client
* Firefox web browser
* Thunderbird email client

Overview

Several vulnerabilities exist in the Mozilla web browser and derived
products, the most serious of which could allow a remote attacker to
execute arbitrary code on an affected system.

I. Description

Several vulnerabilities have been reported in the Mozilla web browser
and derived products. More detailed information is available in the
individual vulnerability notes:

VU#414240 - Mozilla Mail vulnerable to buffer overflow via writeGroup() function in nsVCardObj.cpp

Mozilla Mail contains a stack overflow vulnerability in the display routines for VCards. By sending an email message with a crafted VCard, a remote attacker may be able to execute arbitrary code on the victim's machine with the privileges of the current user. This can be exploited in the preview mode as well.

VU#847200 - Mozilla contains integer overflows in bitmap image decoder

A vulnerability in the way Mozilla and its derived programs handle certain bitmap images could allow a remote attacker to execute arbitrary code on a vulnerable system.

VU#808216 - Mozilla contains heap overflow in UTF8 conversion of hostname portion of URLs

A vulnerability in the way Mozilla and its derived programs handle certain malformed URLs could allow a remote attacker to execute arbitrary code on a vulnerable system.

VU#125776 - Multiple buffer overflows in Mozilla POP3 protocol handler

There are multiple buffer overflow vulnerabilities in the Mozilla POP3
protocol handler that could allow a malicious POP3 server to execute
arbitrary code on the affected system.

VU#327560 - Mozilla "send page" feature contains a buffer overflow
vulnerability

There is a buffer overflow vulnerability in the Mozilla "send page"
feature that could allow a remote attacker to execute arbitrary code.

VU#651928 - Mozilla allows arbitrary code execution via link dragging

A vulnerability affecting Mozilla web browsers may allow violation of
cross-domain scripting policies and possibly execute code originating
from a remote source.

II. Impact

These vulnerabilities could allow a remote attacker to execute
arbitrary code with the privileges of the user running the affected
application.

VU#847200 could also allow a remote attacker to crash an affected
application.

III. Solution

Upgrade to a patched version

Mozilla has released versions of the affected software that contain
patches for these issues:

* Mozilla 1.7.3
* Firefox Preview Release
* Thunderbird 0.8

Users are strongly encouraged to upgrade to one of these versions.

Appendix A. References

* Mozilla Security Advisory -
http://www.mozilla.org/projects/secu...erabilities.ht
ml>
* Mozilla 1.7.2 non-ascii hostname heap overrun, Gael Delalleau -
http://www.zencomsec.com/advisories/...2-UTF8link.txt>
* Security Audit of Mozilla's .bmp image parsing, Gael Delalleau -
<http://www.zencomsec.com/advisories/...-1.7.2-BMP.txt>
* Security Audit of Mozilla's POP3 client protocol, Gael Delalleau -
<http://www.zencomsec.com/advisories/...1.7.2-POP3.txt>
* US-CERT Vulnerability Note VU#414240 -
<http://www.kb.cert.org/vuls/id/414240>
* US-CERT Vulnerability Note VU#847200 -
<http://www.kb.cert.org/vuls/id/847200>
* US-CERT Vulnerability Note VU#808216 -
<http://www.kb.cert.org/vuls/id/808216>
* US-CERT Vulnerability Note VU#125776 -
<http://www.kb.cert.org/vuls/id/125776>
* US-CERT Vulnerability Note VU#327560 -
<http://www.kb.cert.org/vuls/id/327560>
* US-CERT Vulnerability Note VU#651928 -
<http://www.kb.cert.org/vuls/id/651928>
__________________________________________________ _______________

Mozilla has assigned credit for reporting of these issue to the
following:

* VU#414240: Georgi Guninski
* VU#847200: Gael Delalleau
* VU#808216: Gael Delalleau and Mats Palmgren
* VU#125776: Gael Delalleau
* VU#327560: Georgi Guninski
* VU#651928: Jesse Ruderman
__________________________________________________ _______________

Feedback can be directed to the US-CERT Technical Staff.
__________________________________________________ _______________

This document is available from:
<http://www.us-cert.gov/cas/techalerts/TA04-261A.html>
__________________________________________________ _______________

Copyright 2004 Carnegie Mellon University.

Terms of use: <http://www.us-cert.gov/legal.html>

Tempest · 09-17-2004, 05:36 PM

It just never ends.. Time for that job at McDs.

SmokeyTheBear · 09-17-2004, 06:19 PM

heh now how long did that take to find hahahahaha

lets see , it has been open for almost a year and they are only 1/3 done lol.. suckers...

Xtreme Fever · 09-17-2004, 06:22 PM

it's software. what do you expect?

09-17-2004, 05:31 PM	#1
jimmyf OU812 Join Date: Feb 2001 Location: California Posts: 12,651	Multiple vulnerabilities in Mozilla Technical Cyber Security Alert TA04-261A Multiple vulnerabilities in Mozilla products Original release date: September 17, 2004 Last revised: -- Source: US-CERT Systems Affected Mozilla software, including the following: * Mozilla web browser, email and newsgroup client * Firefox web browser * Thunderbird email client Overview Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. I. Description Several vulnerabilities have been reported in the Mozilla web browser and derived products. More detailed information is available in the individual vulnerability notes: VU#414240 - Mozilla Mail vulnerable to buffer overflow via writeGroup() function in nsVCardObj.cpp Mozilla Mail contains a stack overflow vulnerability in the display routines for VCards. By sending an email message with a crafted VCard, a remote attacker may be able to execute arbitrary code on the victim's machine with the privileges of the current user. This can be exploited in the preview mode as well. VU#847200 - Mozilla contains integer overflows in bitmap image decoder A vulnerability in the way Mozilla and its derived programs handle certain bitmap images could allow a remote attacker to execute arbitrary code on a vulnerable system. VU#808216 - Mozilla contains heap overflow in UTF8 conversion of hostname portion of URLs A vulnerability in the way Mozilla and its derived programs handle certain malformed URLs could allow a remote attacker to execute arbitrary code on a vulnerable system. VU#125776 - Multiple buffer overflows in Mozilla POP3 protocol handler There are multiple buffer overflow vulnerabilities in the Mozilla POP3 protocol handler that could allow a malicious POP3 server to execute arbitrary code on the affected system. VU#327560 - Mozilla "send page" feature contains a buffer overflow vulnerability There is a buffer overflow vulnerability in the Mozilla "send page" feature that could allow a remote attacker to execute arbitrary code. VU#651928 - Mozilla allows arbitrary code execution via link dragging A vulnerability affecting Mozilla web browsers may allow violation of cross-domain scripting policies and possibly execute code originating from a remote source. II. Impact These vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the user running the affected application. VU#847200 could also allow a remote attacker to crash an affected application. III. Solution Upgrade to a patched version Mozilla has released versions of the affected software that contain patches for these issues: * Mozilla 1.7.3 * Firefox Preview Release * Thunderbird 0.8 Users are strongly encouraged to upgrade to one of these versions. Appendix A. References * Mozilla Security Advisory - http://www.mozilla.org/projects/secu...erabilities.ht ml> * Mozilla 1.7.2 non-ascii hostname heap overrun, Gael Delalleau - http://www.zencomsec.com/advisories/...2-UTF8link.txt> * Security Audit of Mozilla's .bmp image parsing, Gael Delalleau - <http://www.zencomsec.com/advisories/...-1.7.2-BMP.txt> * Security Audit of Mozilla's POP3 client protocol, Gael Delalleau - <http://www.zencomsec.com/advisories/...1.7.2-POP3.txt> * US-CERT Vulnerability Note VU#414240 - <http://www.kb.cert.org/vuls/id/414240> * US-CERT Vulnerability Note VU#847200 - <http://www.kb.cert.org/vuls/id/847200> * US-CERT Vulnerability Note VU#808216 - <http://www.kb.cert.org/vuls/id/808216> * US-CERT Vulnerability Note VU#125776 - <http://www.kb.cert.org/vuls/id/125776> * US-CERT Vulnerability Note VU#327560 - <http://www.kb.cert.org/vuls/id/327560> * US-CERT Vulnerability Note VU#651928 - <http://www.kb.cert.org/vuls/id/651928> __________________________________________________ _______________ Mozilla has assigned credit for reporting of these issue to the following: * VU#414240: Georgi Guninski * VU#847200: Gael Delalleau * VU#808216: Gael Delalleau and Mats Palmgren * VU#125776: Gael Delalleau * VU#327560: Georgi Guninski * VU#651928: Jesse Ruderman __________________________________________________ _______________ Feedback can be directed to the US-CERT Technical Staff. __________________________________________________ _______________ This document is available from: <http://www.us-cert.gov/cas/techalerts/TA04-261A.html> __________________________________________________ _______________ Copyright 2004 Carnegie Mellon University. Terms of use: <http://www.us-cert.gov/legal.html> __________________ Epic CashEpic Cash works for me Solar Cash Paysite Plugin Gallery of the day freesites,POTD,Gallery generator with free hosting

09-17-2004, 05:36 PM	#2
Tempest Too lazy to set a custom title Industry Role: Join Date: May 2004 Location: West Coast, Canada. Posts: 10,217	It just never ends.. Time for that job at McDs.

09-17-2004, 06:19 PM	#3
SmokeyTheBear ►SouthOfHeaven Join Date: Jun 2004 Location: PlanetEarth MyBoardRank: GerbilMaster My-Penis-Size: extralarge MyWeapon: Computer Posts: 28,609	heh now how long did that take to find hahahahaha lets see , it has been open for almost a year and they are only 1/3 done lol.. suckers... __________________ hatisblack at yahoo.com

09-17-2004, 06:22 PM	#4
Xtreme Fever Confirmed User Join Date: Aug 2004 Posts: 234	it's software. what do you expect?