Note: This is an archival copy of Security Sun Alert 238492 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019327.1.
Article ID : 1019327.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-12-03
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data
Category
Security

Release Phase
Resolved

Bug Id
6663845, 6681417, 6695896

Date of Resolved Release
09-Jun-2008

Multiple security vulnerabilities in the firefox(1) application (see below for details)

1. Impact

Multiple security vulnerabilities in the firefox(1) application shipped with
Solaris 10 may allow a local or remote unprivileged user to execute arbitrary
code on a remote machine with the privileges of a local user, trick local
users into confirming an unsafe action such as remote file execution, gain
access to unauthorised data, cause the firefox(1) application to crash, or
conduct Cross-Site Scripting (XSS) attacks on sites which allow users to
upload pictures, archives, or other files. The ability to crash the firefox(1)
application is a type of Denial of Service (DoS).

The following Mozilla advisories describe the vulnerabilities:

http://www.mozilla.org/security/announce/2008/mfsa2008-01.html
http://www.mozilla.org/security/announce/2008/mfsa2008-02.html
http://www.mozilla.org/security/announce/2008/mfsa2008-03.html
http://www.mozilla.org/security/announce/2008/mfsa2008-04.html
http://www.mozilla.org/security/announce/2008/mfsa2008-05.html
http://www.mozilla.org/security/announce/2008/mfsa2008-06.html
http://www.mozilla.org/security/announce/2008/mfsa2008-07.html
http://www.mozilla.org/security/announce/2008/mfsa2008-08.html
http://www.mozilla.org/security/announce/2008/mfsa2008-09.html
http://www.mozilla.org/security/announce/2008/mfsa2008-10.html
http://www.mozilla.org/security/announce/2008/mfsa2008-11.html
http://www.mozilla.org/security/announce/2008/mfsa2008-13.html
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html
http://www.mozilla.org/security/announce/2008/mfsa2008-15.html
http://www.mozilla.org/security/announce/2008/mfsa2008-16.html
http://www.mozilla.org/security/announce/2008/mfsa2008-17.html
http://www.mozilla.org/security/announce/2008/mfsa2008-18.html
http://www.mozilla.org/security/announce/2008/mfsa2008-19.html
http://www.mozilla.org/security/announce/2008/mfsa2008-20.html

Additional references:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0592
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380

http://www.kb.cert.org/vuls/id/309608
http://www.kb.cert.org/vuls/id/879056
http://www.kb.cert.org/vuls/id/466521

2. Contributing Factors

These issues can occur in the following releases:

SPARC Platform
  • Firefox 2.0 for Solaris 10 without patch 125539-04
  • OpenSolaris based upon builds snv_88 or earlier
x86 Platform
  • Firefox 2.0 for Solaris 10 without patch 125540-04
  • OpenSolaris based upon builds snv_88 or earlier
Note: Solaris 8 and Solaris 9 do not ship Firefox and hence are
not affected by these issues.

Note: OpenSolaris distributions may include additional bug fixes above
and beyond the build from which they were derived.
The base build can be determined as follows:

$ uname -a
SunOS hostname 5.11 snv_86 i86pc i386 i86pc
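As an added example (not part of the Sun Alert itself), the following POSIX shell functions turn the release and patch criteria of this section into a check that can be run offline or against a live host. They take captured `uname -a` and `showrev -p` text as arguments; the sample lines in the block are constructed (only the snv_86 line is the one quoted above), and the `showrev -p` line layout and the position of the architecture field in `uname -a` are assumptions based on typical Solaris output. On a live system pass `"$(uname -a)"` and `"$(showrev -p)"` to `host_status`.

```sh
#!/bin/sh
# Added example, not from Sun Alert 238492: classify a host against the
# affected/fixed releases listed in this section. Runs on POSIX sh
# (/usr/xpg4/bin/sh on Solaris); feed it real "uname -a" / "showrev -p"
# output on a live system.

# Build number N from an "snv_N" token in a uname -a line; empty if none.
snv_build() {
    printf '%s\n' "$1" | sed -n 's/.*snv_\([0-9][0-9]*\).*/\1/p'
}

# Strip leading zeros so test(1) compares "04" as 4 (sidesteps octal
# interpretation of $(( )) in some shells).
dec() {
    n=$(printf '%s' "$1" | sed 's/^0*//')
    printf '%s' "${n:-0}"
}

# Patch required by this alert, chosen from the architecture field of uname -a.
required_patch() {
    case "$1" in
        *" sparc "*) echo 125539-04 ;;
        *" i386 "*)  echo 125540-04 ;;
        *)           return 1 ;;
    esac
}

# Highest installed revision of patch base ID $2 found in showrev -p text $1.
# Assumes lines of the form "Patch: 125540-03 Obsoletes: ... Packages: ...".
installed_rev() {
    printf '%s\n' "$1" | sed -n "s/^Patch: $2-\([0-9][0-9]*\).*/\1/p" | sort -n | tail -n 1
}

# True when patch BASE-REV ($2) is satisfied by showrev -p text ($1):
# the same base ID is installed at the required revision or later.
patch_satisfied() {
    base=${2%-*}
    need=${2#*-}
    have=$(installed_rev "$1" "$base")
    [ -n "$have" ] && [ "$(dec "$have")" -ge "$(dec "$need")" ]
}

# Verdict: affected | fixed | not-affected | unknown.
#   $1 = uname -a line, $2 = showrev -p text (may be empty for OpenSolaris).
host_status() {
    build=$(snv_build "$1")
    if [ -n "$build" ]; then
        # OpenSolaris: snv_88 and earlier are affected, snv_89 and later fixed.
        if [ "$build" -le 88 ]; then echo affected; else echo fixed; fi
        return 0
    fi
    case "$1" in
        *" 5.10 "*)
            p=$(required_patch "$1") || { echo unknown; return 0; }
            if patch_satisfied "$2" "$p"; then echo fixed; else echo affected; fi ;;
        *" 5.8 "*|*" 5.9 "*)
            echo not-affected ;;   # Solaris 8 and 9 do not ship Firefox
        *)
            echo unknown ;;
    esac
}

# --- constructed sample input (only UNAME_SNV is quoted from the alert) ---
UNAME_SNV='SunOS hostname 5.11 snv_86 i86pc i386 i86pc'
UNAME_S10_X86='SunOS ws01 5.10 Generic_127128-11 i86pc i386 i86pc'
SHOWREV_OLD='Patch: 125540-03 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWfirefox'
SHOWREV_NEW="$SHOWREV_OLD
Patch: 125540-04 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWfirefox"

echo "snv_86 host:         $(host_status "$UNAME_SNV" "")"
echo "S10 x86, 125540-03:  $(host_status "$UNAME_S10_X86" "$SHOWREV_OLD")"
echo "S10 x86, 125540-04:  $(host_status "$UNAME_S10_X86" "$SHOWREV_NEW")"
```

The revision comparison is deliberately "at or later" rather than exact, because later revisions of 125539/125540 supersede -04 and still carry the fix; a host that reports only an older revision, or no revision at all, is classed as affected.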

3. Symptoms

There are no predictable symptoms that would indicate the described issues have
been exploited.

4. Workaround

To work around the issues described in CVE-2008-0412, CVE-2008-0413,
CVE-2008-0415, CVE-2008-0416, CVE-2008-0419, CVE-2008-0420,
CVE-2008-0591, CVE-2008-0593, CVE-2008-1233, CVE-2008-1234,
CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238,
CVE-2007-4879, CVE-2008-1195, CVE-2008-1240, CVE-2008-1241 and
CVE-2008-1380 disable JavaScript by doing the following:

1. Open the "Preferences" dialog from the Edit menu
2. Select the "Content" tab
3. Uncheck the "Enable JavaScript" check box

To work around the issues described in CVE-2008-0417, do not ask
Firefox to save passwords on untrusted sites.

To work around the issues described in CVE-2008-0418, disable
"flat-packaged" add-ons.
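The JavaScript workaround above is given as steps in the Preferences dialog. An administrator applying it to many Solaris workstations would rather set the same preference non-interactively; the following POSIX shell functions, an added example that is not part of the Sun Alert, write `javascript.enabled` into a profile's `user.js`, which Firefox reads at startup and applies over `prefs.js`. The profile directory argument is an assumption (typically `~/.mozilla/firefox/<profile>/`), and the demo at the bottom runs on a throwaway directory it creates and removes.

```sh
#!/bin/sh
# Added example, not from Sun Alert 238492: apply the "disable JavaScript"
# workaround by pinning javascript.enabled to false in a profile's user.js.
# Firefox applies user.js over prefs.js on every start, so the browser must
# be restarted for the change to take effect. Profile path is an assumption.

PREF_NAME='javascript.enabled'
PREF_OFF='user_pref("javascript.enabled", false);'

# Write the disabling preference into $1/user.js, replacing any earlier
# javascript.enabled line and keeping every other preference intact.
# Returns 1 if the profile directory does not exist.
disable_js_in_profile() {
    dir=$1
    [ -d "$dir" ] || return 1
    f="$dir/user.js"
    if [ -f "$f" ]; then
        # grep -v exits 1 when no lines remain; "|| :" keeps that harmless.
        { grep -v "^user_pref(\"$PREF_NAME\"" "$f" || :; } > "$f.tmp"
        mv "$f.tmp" "$f"
    fi
    printf '%s\n' "$PREF_OFF" >> "$f"
}

# True when $1/user.js pins JavaScript off (used to verify the rollout).
js_disabled_in_profile() {
    grep -q "^user_pref(\"$PREF_NAME\", *false);" "$1/user.js" 2>/dev/null
}

# Demo on a constructed throwaway profile: an existing user.js that enables
# JavaScript and sets one unrelated preference.
demo_profile=$(mktemp -d)
printf 'user_pref("javascript.enabled", true);\nuser_pref("browser.startup.homepage", "about:blank");\n' \
    > "$demo_profile/user.js"
disable_js_in_profile "$demo_profile"
js_disabled_in_profile "$demo_profile" && echo "JavaScript disabled in $demo_profile/user.js"
cat "$demo_profile/user.js"
rm -rf "$demo_profile"
```

Because `user.js` is re-applied at each start, a user who re-enables JavaScript in the Preferences dialog gets it switched off again on the next launch, which is the behaviour wanted while the patch is pending; remove the line from `user.js` once the fixed patch revision is installed.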

5. Resolution

These issues are addressed in the following releases:

SPARC Platform
  • Solaris 10 with patch 125539-04 or later
  • OpenSolaris based upon builds snv_89 or later
x86 Platform
  • Solaris 10 with patch 125540-04 or later
  • OpenSolaris based upon builds snv_89 or later
For more information on Security Sun Alerts, see
Product
Solaris 10 Operating System

References

125539-04
125540-04