Note: This is an archival copy of Security Sun Alert 200605 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000467.1. |
Category Security Release Phase Resolved Mozilla v1.7 Solaris 9 Operating System Solaris 10 Operating System Solaris 8 Operating System Bug Id 6458755 Date of Workaround Release 26-JUN-2007 Date of Resolved Release 20-AUG-2007 Impact A number of memory corruption vulnerabilities have been found in the Mozilla application which may allow a remote user who is able to create a web page which is visited by a local user using the Mozilla browser, or who sends a specially crafted email that is read by a local user using Mozilla, to either cause the Mozilla application to crash or execute arbitrary code via Javascript with the privileges of the user running Mozilla. The ability of a remote user to cause the Mozilla application to crash is a type of Denial of Service (DoS). The following Mozilla advisory describes nine separate memory corruption issues: This Sun Alert corresponds to the following five issues described in the Mozilla advisory above: FireMenuItemActiveEvent called at unsafe times (Boris Zbarsky): Potential string class buffer overruns in out-of-memory case (Darin Fisher, Daniel Veditz): Crashes involving table row and column groups (Jesse Ruderman, Martijn Wargers):
crypto.generateCRMFRequest callback can run on deleted context (shutdown): Note: Mozilla 1.7 is not affected by the below vulnerabilities mentioned in the advisory: Crashes referencing removed nodes (Jesse Ruderman, Martijn Wargers):
Additional references:
Contributing Factors These issues can occur in the following releases: SPARC Platform
x86 Platform
Note: Mozilla 1.4 may be vulnerable to one or more of these security issues. Customers are advised to upgrade to Mozilla 1.7 to get the security fixes once they are available. To determine the version of Mozilla on a Solaris system, the following command can be run: % /usr/sfw/bin/mozilla -version Mozilla 1.7, (Sun Java Desktop System), build 2005031721
Symptoms There are no predictable symptoms that would indicate the described issues have been exploited. Workaround Some of the memory corruption vulnerabilities may be mitigated by disabling Javascript:
Resolution This issue is addressed in the following releases: SPARC Platform
x86 Platform
Modification History Date: 06-AUG-2007
Date: 20-AUG-2007
References119115-30119116-30 120671-06 120672-06 Attachments This solution has no attachment |
|