LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Mageia alert MGASA-2013-0086 (iceape)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2013-0086: iceape-2.16-1.mga2 (2/core) 


Date:
    	      Sat, 9 Mar 2013 01:23:01 +0100


Message-ID:
    	      <20130309002301.GA12300@valstar.mageia.org>


Archive-link:
    	      Article, Thread
              


MGASA-2013-0086
Date:	March 9th, 2013
Affected releases:	2
Media:	Core

Description:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 19.0,  Firefox ESR 17.x before 17.0.3, Thunderbird before 
17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 
allow remote attackers to cause a denial of service (memory corruption 
and application crash) or possibly execute arbitrary code via unknown
vectors. (CVE-2013-0783)

Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 
2.16 allow remote attackers to cause a denial of service (memory 
corruption and application crash) or possibly execute arbitrary code 
via unknown vectors. (CVE-2013-0784)

The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0,
Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote 
attackers to obtain sensitive information from process  memory or cause 
a denial of service (out-of-bounds read and application crash) via a crafted 
GIF image. (CVE-2013-0772)

Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 
2.16 do not prevent multiple wrapping of WebIDL objects, which allows remote 
attackers to bypass intended access restrictions via unspecified vectors. 
(CVE-2013-0765)

The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations 
in Mozilla Firefox before 19.0,  Firefox ESR 17.x before 17.0.3, Thunderbird 
before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before
2.16 do not prevent modifications to a prototype, which allows remote
attackers to obtain sensitive information from 

chrome objects or possibly execute arbitrary JavaScript code with chrome
privileges via a crafted web site. (CVE-2013-0773)

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird
before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 
2.16 do not prevent JavaScript workers from reading the browser-profile 
directory name, which has  unspecified impact and remote attack vectors. 
(CVE-2013-0774)

Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer 
function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, 
Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey
before 2.16 allows remote  attackers to execute arbitrary code via crafted web 
script. (CVE-2013-0775)

Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird
before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 
2.16 allow man-in-the-middle attackers to spoof the address bar by operating 
a proxy server that provides 

a 407 HTTP status code accompanied by web script, as demonstrated by a
phishing attack on an HTTPS site. (CVE-2013-0776)

Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint
function in Mozilla Firefox before 19.0, Thunderbird before  17.0.3, 
and SeaMonkey before 2.16 allows remote attackers to execute arbitrary 
code or cause a denial of service (heap memory corruption) via unspecified 
vectors. (CVE-2013-0777)


The ClusterIterator::NextCluster function in Mozilla Firefox before
19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows 
remote attackers to execute arbitrary code or cause a denial of service
(out-of-bounds read) via unspecified vectors. (CVE-2013-0778)

The nsCodingStateMachine::NextState function in Mozilla Firefox before
19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows 
remote attackers to execute arbitrary code or cause a denial of service
(out-of-bounds read) via unspecified vectors. (CVE-2013-0779)

Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish 
function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, 
Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey 
before 2.16 allows remote attackers to execute arbitrary code or cause a denial 
of service (heap memory corruption) via a crafted document that uses Cascading 
Style Sheets (CSS) -moz-column-* properties. (CVE-2013-0780)

Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla 
Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows 
remote attackers to execute arbitrary code or cause a denial of service (heap memory 
corruption) via unspecified vectors. (CVE-2013-0781)

Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion
function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, 
Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey 
before 2.16 allows remote attackers to execute arbitrary code via unspecified 
vectors. (CVE-2013-0782)

Updated Packages:
i586:
iceape-2.16-1.mga2.i586.rpm

x86_64:
iceape-2.16-1.mga2.i586.rpm

SRPMS:
iceape-2.16-1.mga2.src.rpm


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0765
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0772
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0773
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0774
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0782
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0784
http://www.mozilla.org/security/announce/2013/mfsa2013-21...
http://www.mozilla.org/security/announce/2013/mfsa2013-22...
http://www.mozilla.org/security/announce/2013/mfsa2013-23...
http://www.mozilla.org/security/announce/2013/mfsa2013-24...
http://www.mozilla.org/security/announce/2013/mfsa2013-25...
http://www.mozilla.org/security/announce/2013/mfsa2013-26...
http://www.mozilla.org/security/announce/2013/mfsa2013-27...
http://www.mozilla.org/security/announce/2013/mfsa2013-28...
https://bugs.mageia.org/show_bug.cgi?id=9173
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds