LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

mozilla: multiple vulnerabilities

Package(s):firefox thunderbird xulrunner seamonkey CVE #(s):CVE-2013-0744 CVE-2013-0746 CVE-2013-0748 CVE-2013-0750 CVE-2013-0753 CVE-2013-0754 CVE-2013-0758 CVE-2013-0759 CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 CVE-2013-0769
Created:January 9, 2013 Updated:February 18, 2013
Description: From the Red Hat advisory:

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753, CVE-2013-0754, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769)

A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Firefox to execute arbitrary code via plug-ins installed in Firefox. (CVE-2013-0758)

A flaw in the way Firefox displayed URL values in the address bar could allow a malicious site or user to perform a phishing attack. (CVE-2013-0759)

An information disclosure flaw was found in the way certain JavaScript functions were implemented in Firefox. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions. (CVE-2013-0748)

Alerts:
Red Hat RHSA-2013:0144-01 2013-01-08
Red Hat RHSA-2013:0145-01 2013-01-08
CentOS CESA-2013:0144 2013-01-09
CentOS CESA-2013:0145 2013-01-09
CentOS CESA-2013:0144 2013-01-09
Oracle ELSA-2013-0145 2013-01-09
Oracle ELSA-2013-0144 2013-01-09
Ubuntu USN-1681-1 2013-01-08
Ubuntu USN-1681-2 2013-01-08
Mandriva MDVSA-2013:002 2013-01-09
Slackware SSA:2013-009-01 2013-01-10
Slackware SSA:2013-009-02 2013-01-10
Slackware SSA:2013-009-03 2013-01-10
Scientific Linux SL-fire-20130110 2013-01-10
Scientific Linux SL-thun-20130110 2013-01-10
Oracle ELSA-2013-0144 2013-01-12
Mageia MGASA-2013-0008 2013-01-14
CentOS CESA-2013:0144 2013-01-10
CentOS CESA-2013:0144 2013-01-10
CentOS CESA-2013:0145 2013-01-10
Fedora FEDORA-2013-0891 2013-01-16
SUSE SUSE-SU-2013:0048-1 2013-01-18
SUSE SUSE-SU-2013:0049-1 2013-01-18
Ubuntu USN-1681-3 2013-01-22
openSUSE openSUSE-SU-2013:0149-1 2013-01-23
openSUSE openSUSE-SU-2013:0131-1 2013-01-23
Fedora FEDORA-2013-1442 2013-01-26
Mageia MGASA-2013-0020 2013-01-26
Mageia MGASA-2013-0021 2013-01-26
Fedora FEDORA-2013-1382 2013-02-02
Fedora FEDORA-2013-1432 2013-02-02
Ubuntu USN-1681-4 2013-02-05
SUSE SUSE-SU-2013:0292-1 2013-02-13
SUSE SUSE-SU-2013:0306-1 2013-02-18
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds