Mozilla closes 6 critical holes in Firefox
Mozilla's release of Firefox 17 closes six critical vulnerabilities in the previous versions of the browser. In all, sixteen advisories were issued, split between six critical-impact, nine high-impact and one moderate-impact problems. Many of the bugs also affect Firefox ESR, Thunderbird and SeaMonkey.
The critical issues include MSFA2012-106 and MSFA2012-105, which both covered a series of memory corruption issues that had been found using AddressSanitizer and existed in Firefox 16, Firefox ESR 10.0.10, Thunderbird 17, Thunderbird ESR 10.0.10, SeaMonkey 2.14 and earlier versions. Other bugs existing across the range of Mozilla software were MSFA2012-92, a buffer overflow while rendering GIF format images also found with AddressSanitizer, and MSFA2012-91, various memory safety errors which were found to corrupt memory. Crashing Firefox 16, Thunderbird 16 and SeaMonkey 2.13 and earlier in a potentially exploitable way was the subject of MSFA2012-94, which could be triggered when combining SVG text on a path and setting CSS properties. Finally, MSFA2012-104, only affecting Firefox 16 and Firefox ESR 10.0.10 and earlier, the Style Inspector was found to be vulnerable; a maliciously crafted stylesheet could be created that, when inspected, would run HTML and CSS in a privileged context allowing for arbitrary code execution.
The moderate issues include cross-site scripting (XSS) vulnerabilities, the ability to enter scripts into the Developer Toolbar and have them execute with privileges, improper character decoding, defective security filtering on cross-origin wrappers, chrome property exposure, memory corruption, and sandboxing errors. One moderate flaw was found in Firefox's installer, which was found to be vulnerable to Windows DLL hijacking when a specifically named DLL file was placed in the default downloads directory with the Firefox installer.
For all of the flaws, the remedy is the same; update to the latest version of Firefox (latest version 17), Firefox ESR (10.0.11), Thunderbird (17), Thunderbird ESR (10.0.11) or SeaMonkey (2.14). The updates should be automatically installed by the applications, but can be induced to download by displaying the applications' About dialog. It is also, of course, possible to download Firefox, Thunderbird or SeaMonkey from Mozilla's download pages.
(djwm)