Dirty dozen: Firefox ships patch for 12 security flaws

Dirty dozen: Firefox ships patch for 12 security flaws

Summary: Mozilla has released another point update for its flagship Firefox browser to provide fixes for at least 12 documented security vulnerabilities.  Some of the flaws put millions of Web surfers at risk of remote code execution attacks.

SHARE:

Firefox fixes critical security flawsMozilla has released another point update for its flagship Firefox browser to provide fixes for at least 12 documented security vulnerabilities.  Some of the flaws put millions of Web surfers at risk of remote code execution attacks.

The Firefox 3.0.2 update addresses two issues rated by Mozilla to be "critical," meaning that the documented vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.

Here's the skinny from Mozilla's bulletins:

[ SEE: Talking Firefox security with Mozilla’s Window Snyder ]

  • MFSA-2008-40 - Mozilla developer Paul Nickerson reported a variant of a click-hijacking vulnerability discovered in Internet Explorer by Liu Die Yu. The vulnerability allowed an attacker to move the content window while the mouse was being clicked, causing an item to be dragged rather than clicked-on. This issue could potentially be used to force a user to download a file or perform other drag-and-drop actions.
  • MFSA-2008-41 - Mozilla security researcher moz_bug_r_a4 reported a series of vulnerabilities by which page content can pollute XPCNativeWrappers and have arbitrary code run with chrome privileges. One variant reported by moz_bug_r_a4 only affected Firefox 2.  Mozilla developer Olli Pettay reported that XSLT can create documents which do not have script handling objects. moz_bug_r_a4 also reported that document.loadBindingDocument() returns a document that does not have a script handling object. These issues could also be used by an attacker to run arbitrary script with chrome privileges.
  • MFSA-2008-42 - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Drew Yao of Apple Product Security reported two crashes in Mozilla image rendering code. This vulnerability only affected Firefox 3. David Maciejak also reported a crash in graphics rendering which only affected Firefox 3.
  • MFSA-2008-43 - Microsoft developer Dave Reed reported that certain BOM characters are stripped from JavaScript code before it is executed. This can lead to code, which would otherwise be treated as part of a quoted string, to be executed. The issue could potentially be used by an attacker to bypass or evade script filters and perform an XSS attack. Security researcher Gareth Heyes reported an issue with the HTML parser in which the parser ignored certain low surrogate characters if they were HTML-escaped. This issue could potentially be used to bypass naive script filtering and used in an XSS attack. This issue only affected Firefox 2.
  • MFSA-2008-44 -  Mozilla developer Boris Zbarsky reported that the resource: protocol allowed directory traversal on Linux when using URL-encoded slashes. Mozilla developer Georgi Guninski reported that the restrictions imposed on local HTML files could be bypassed using the resource: protocol. The vulnerability allowed an attacker to read information about the system and prompt the victim to save the information in a file.

[ ALSO SEE: Firefox scrambles to add ‘private mode’ browsing ]

The open-source group also released patches for multiple vulnerabilities affecting Firefox 2 but strongly recommends that users upgrade to Firefox 3.

Topics: Security, Browser, Software Development

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

11 comments
Log in or register to join the discussion
  • Adobe Flash Beta 10 on Linux Stopped Crashing

    Every since build version 3 of Firefox 3.0.2 Adobe 10 beta stopped crashing on Linux 32/64 bit systems. Flash now runs great on this release, except for some minor issues with accelerated graphics and nVidia proprietary drivers in full screen mode.
    MisterMiester
  • RE: Dirty dozen: Firefox ships patch for 12 security flaws

    Feels faster, quicker.
    Sandeep108
  • OMG...can't be. OSS just can't have vulnerabilities.

    It's so secure. At least that's what the zealots want you to believe.
    transposeIT
    • Secure under Linux, not under Windows

      I know it's a cheap shot, but Fox IS secure under Linux, but not Windows. Under Windows a keylogger still works after this Fox security update. Under Linux keyloggers cannot get installed in the first place. The worst current exploit for Fox under Linux is the Flash clipboard hijack, which is nothing more than an ankle biting party trick with no system consequence at all. That will disappear under Flash 10.
      Don Collins
      • Huh?

        What does a keylogger have to do with Firefox?
        Greenknight_z
        • well you see, it's like this

          When we talk about "security" we mean "preventing having something bad done to you."

          A keylogger is an example of something bad that could be done to you by exploiting a browser vulnerability.

          Make sense now?
          bmerc
    • Never seen anyone make this claim other than sarcastic NBMers

      Case in point: you.
      bmerc
    • Straw man

      transposeIT wrote:

      [i]OMG...can't be. OSS just can't have vulnerabilities. It's so secure. At least that's what the zealots want you to believe.[/i]
      No credible person claims OSS is invulnerable. The advantage to using OSS is that when vulnerabilities are found, they tend to be fixed faster. If this were, say, a Microsoft product, you'd have to wait until the second Tuesday of the next month at the earliest to get them fixed.
      JDThompson
  • Eh 12 ?

    Can anyone list the 12 as I can only count 5:

    MFSA 2008-44 resource: traversal vulnerabilities
    MFSA 2008-43 BOM characters stripped from JavaScript before execution
    MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
    MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
    MFSA 2008-40 Forced mouse drag

    2 critical, 2 moderate and 1low.
    Alan Smithie
    • Twelve just makes a better headline than five

      God forbid that actual facts interfere with a juicy headline.
      bmerc
  • RE: Dirty dozen: Firefox ships patch for 12 security flaws

    Mt2 turk MMO PvP game download online game servers
    <a href="http://www.metin2oyunu.org" title="metin2" target="_blank">metin2</a> - <a href="http://www.metin2oyunu.org/indir" title="metin2 indir" target="_blank">metin2 indir</a> - <a href="http://www.metin2oyunu.org/hileler" title="metin2 hile" target="_blank">metin2 hile</a> - <a href="http://www.metin2oyunu.org/gm-komutlari" title="metin2 gm komutlari" target="_blank">metin2 gm komutlari</a> - <a href="http://www.metin2oyunu.org/category/metin2-at-gorevleri" title="metin2 at gorevleri" target="_blank">metin2 at gorevleri</a>
    MMO online games, game related content turk mt2 pvp servers
    <a href="http://www.metin2pvpserver.net" title="metin 2" target="_blank">metin 2</a> - <a href="http://www.metin2pvpserver.net" title="pvp" target="_blank">pvp</a> - <a href="http://www.metin2pvpserver.net" title="server" target="_blank">server</a> - <a href="http://www.metin2pvpserver.net/knight" title="knight" target="_blank">knight</a>
    Mt2 turk MMO PvP game servers online
    <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp sererler" target="_blank">metin2 pvp sererler</a> - <a href="http://www.metin2pvpserverlar.com" title="pvp serverlar" target="_blank">serverlar</a> - <a href="http://www.metin2pvpserverlar.com" title="pvp serverler" target="_blank">pvp serverler</a> - <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp sererlar" target="_blank">metin2 pvp sererlar</a> - <a href="http://www.metin2pvpserverlar.com/pvp-kenti" title="pvp kenti" target="_blank">pvp kenti</a>

    download http://www.metin2oyunu.org game servers online http://www.metin2pvpserver.net turk mt2 pvp servers http://www.metin2pvpserverlar.com
    <a href="http://www.metin2turkiye.net" title="mt2" target="_blank">mt2</a>
    <a href="http://www.metin2turkiye.net" title="metin2 turk" target="_blank">metin2 turk</a>
    <a href="http://www.metin2turkiye.net" title="mt2 turk" target="_blank">mt2 turk</a>
    <a href="http://www.metin2turkiye.net" title="metin2 tr" target="_blank">metin2 tr</a>
    <a href="http://www.metin2oyunu.org/indir" title="metin 2" target="_blank">Metin 2</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2 indir" target="_blank">alemt2 indir</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2 kaydol" target="_blank">alemt2 kaydol</a>
    <a href="http://www.metin2oyunu.org/tag/alemt2-kaydol-alemt2-indir" title="alemt2" target="_blank">alemt2</a>
    <a href="http://www.metin2oyunu.org/tag/fancy-mt2-kaydol" title="alemt2 kaydol" target="_blank">fancymt2 kaydol</a>
    <a href="http://www.metin2oyunu.org/tag/fancy-mt2" title="alemt2 kaydol" target="_blank">fancy mt2</a>
    <a href="http://www.metin2oyunu.org/tag/mt2-pvp" title="mt2 pvp" target="_blank">mt2 pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2 pvp" target="_blank">metin2 pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2 pvp" target="_blank">metin2 pvp serverler</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="pvp" target="_blank">pvp</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="metin2" target="_blank">metin2</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="serverler" target="_blank">serverler</a>
    <a href="http://www.metin2oyunu.org/metin2-pvp-serverler" title="serverler" target="_blank">serverler</a>

    <a href="http://www.metin2pvpserver.net" title="metin2pvpserver" target="_blank">metin2pvpserver</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 pvp server" target="_blank">metin2 pvp server</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 pvpserver" target="_blank">metin2 pvpserver</a>
    <a href="http://www.metin2pvpserver.net" title="metin2pvp server" target="_blank">metin2pvp server</a>
    <a href="http://www.metin2pvpserver.net" title="metin2pvp" target="_blank">metin2pvp</a>
    <a href="http://www.metin2pvpserver.net" title="metin2 server" target="_blank">metin2 server</a>


    <a href="http://www.metin2pvpserverlar.com" title="metin2pvpserverlar" target="_blank">metin2pvpserverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2 pvp serverlar" target="_blank">metin2 pvp serverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2pvp serverlar" target="_blank">metin2pvp serverlar</a>
    <a href="http://www.metin2pvpserverlar.com" title="metin2 serverlar" target="_blank">metin2 serverlar</a>

    <a href="http://www.faceara.com" title="face" target="_blank">face</a>
    <a href="http://www.faceara.com" title="facebook" target="_blank">facebook</a>
    zafer12