Author: joeyh Date: 2005-09-13 13:53:07 +0000 (Tue, 13 Sep 2005) New Revision: 1950 Added: data/DTSA/advs/18-mozilla.adv Log: working in a followup dtsa for mozilla Added: data/DTSA/advs/18-mozilla.adv ==================================================================--- data/DTSA/advs/18-mozilla.adv 2005-09-13 13:17:22 UTC (rev 1949) +++ data/DTSA/advs/18-mozilla.adv 2005-09-13 13:53:07 UTC (rev 1950) @@ -0,0 +1,65 @@ +source: mozilla +date: September 13th, 2005 +author: Joey Hess +vuln-type: several +problem-scope: remote +debian-specifc: no +cve: CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2263 CAN-2005-2265 CAN-2005-2266 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 +testing-fix: 1.7.8-1sarge2 +sid-fix: 1.7.10-1 +upgrade: apt-get install mozilla + +Several problems have been discovered in Mozilla. Since the usual praxis of +backporting apparently does not work for this package, this update is +basically version 1.7.10 with the version number rolled back, and hence still +named 1.7.8. The Common Vulnerabilities and Exposures project identifies the +following problems: + +CAN-2004-0718, CAN-2005-1937 + + A vulnerability has been discovered in Mozilla that allows remote + attackers to inject arbitrary Javascript from one page into the + frameset of another site. + +CAN-2005-2260 + + The browser user interface does not properly distinguish between + user-generated events and untrusted synthetic events, which makes + it easier for remote attackers to perform dangerous actions that + normally could only be performed manually by the user. + +CAN-2005-2261 + + XML scripts ran even when Javascript disabled. + +CAN-2005-2263 + + It is possible for a remote attacker to execute a callback + function in the context of another domain (i.e. frame). + +CAN-2005-2265 + + Missing input sanitising of InstallVersion.compareTo() can cause + the application to crash. + +CAN-2005-2266 + + Remote attackers could steal sensitive information such as cookies + and passwords from web sites by accessing data in alien frames. + +CAN-2005-2268 + + It is possible for a Javascript dialog box to spoof a dialog box + from a trusted site and facilitates phishing attacks. + +CAN-2005-2269 + + Remote attackers could modify certain tag properties of DOM nodes + that could lead to the execution of arbitrary script or code. + +CAN-2005-2270 + + The Mozilla browser family does not properly clone base objects, + which allows remote attackers to execute arbitrary code. + +Note that this is the same update contained in DSA-810-1 for Debian stable.