Mozilla Products Contain Multiple Vulnerabilities

Systems Affected

Mozilla web browser, email and newsgroup client
Mozilla SeaMonkey
Firefox web browser
Thunderbird email client
Mozilla Suite

Any products based on Mozilla components, particularly Gecko may also be affected.

Overview

The Mozilla web browser and derived products contain several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.

Description

Several vulnerabilities have been reported in the Mozilla web browser and derived products. More detailed information is available
in the individual vulnerability notes, including:

VU#932734 - Mozilla crypto.generateCRMFRequest() vulnerability

A vulnerability exists in the Mozilla JavaScript routine generateCRMFRequest() that may allow a remote attacker to execute arbitrary code.

(CVE-2006-1728)

VU#968814 - Mozilla JavaScript security bypass vulnerability

Mozilla products fail to properly enforce security restrictions in JavaScript. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

(CVE-2006-1726)

VU#179014 - Mozilla CSS integer overflow vulnerability

Mozilla products contain an integer overflow that could allow a remote, unauthenticated attacker to execute arbitrary code.

(CVE-2006-1730)

VU#488774 - Mozilla XBL binding vulnerability

Mozilla products fail to properly restrict access to privileged XBL bindings. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

(CVE-2006-1733)

VU#842094 - Mozilla JavaScript cloned parent vulnerability

Mozilla products fail to properly restrict access to a JavaScript functions cloned parent. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.

(CVE-2006-1734)

VU#813230 - Mozilla products vulnerable to privilege escalation via XBL.method.eval

A vulnerability in the way Mozilla products and derivative programs handle certain XBL methods could allow a remote attacker to execute arbitrary code on a vulnerable system.

(CVE-2006-1735)

VU#736934 - Mozilla products vulnerable to memory corruption via a particular sequence of HTML tags

A vulnerability in the way Mozilla products and derivative programs handle certain HTML tags could allow a remote attacker to execute arbitrary code on a vulnerable system.

(CVE-2006-0749)

VU#935556 - Mozilla products may allow CSS border-rendering code to write past the end of an array

A vulnerability in the way Mozilla products and derivative programs handle certain CSS methods could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system.

(CVE-2006-1739)

VU#350262 - Mozilla DHTML memory corruption vulnerabilities

Mozilla products contain to multiple, unspecified vulnerabilities in the way they handle DHTML. These vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

(CVE-2006-1724)

VU#252324 - Mozilla display style vulnerability

Mozilla products contain an unspecified vulnerability in the way they handle display styles. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

VU#329500 - Mozilla products vulnerable to memory corruption via large regular expression in JavaScript

A vulnerability in the way the JavaScript engine of Mozilla products and derivative programs handles a large regular expression could allow a remote attacker to crash the application or execute arbitrary code on a vulnerable system.

Impact

The most severe impact of these vulnerabilities could allow a remote attacker to execute arbitrary code with the privileges of the user running the affected application. Other effects include a denial of service or local information disclosure.

Solution

Upgrade

Upgrade to Mozilla Firefox 1.5.0.2, Mozilla Thunderbird 1.5.0.2, or SeaMonkey 1.0.1. According to Mozilla.org, Thunderbird 1.5.0.2 is to be released on April 18, 2006.

Users are strongly encourages to apply the workarounds described in the individual vulnerability notes until updates can be applied.

Appendix A. References

Mozilla Foundation Security Advisories - http://www.mozilla.org/security/announce/
Mozilla Foundation Security Advisories - http://www.mozilla.org/projects/security/known-vulnerabilities.html
US-CERT Vulnerability Note VU#932734 - http://www.kb.cert.org/vuls/id/932734
US-CERT Vulnerability Note VU#968814 - http://www.kb.cert.org/vuls/id/968814
US-CERT Vulnerability Note VU#179014 - http://www.kb.cert.org/vuls/id/179014
US-CERT Vulnerability Note VU#488774 - http://www.kb.cert.org/vuls/id/488774
US-CERT Vulnerability Note VU#842094 - http://www.kb.cert.org/vuls/id/842094
US-CERT Vulnerability Note VU#813230 - http://www.kb.cert.org/vuls/id/813230
US-CERT Vulnerability Note VU#736934 - http://www.kb.cert.org/vuls/id/736934
US-CERT Vulnerability Note VU#935556 - http://www.kb.cert.org/vuls/id/935556
US-CERT Vulnerability Note VU#350262 - http://www.kb.cert.org/vuls/id/350262
US-CERT Vulnerability Note VU#252324 - http://www.kb.cert.org/vuls/id/252324
US-CERT Vulnerability Note VU#329500 - http://www.kb.cert.org/vuls/id/329500
US-CERT Vulnerability Notes Related to April Mozilla Security Advisories - http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006
CVE-2006-1726 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1726
CVE-2006-1728 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728
CVE-2006-1730 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730
CVE-2006-1733 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733
CVE-2006-1734 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734
CVE-2006-1735 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
CVE-2006-0749 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749
CVE-2006-1739 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739
CVE-2006-1724 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1724
Firefox - Rediscover the Web - http://www.mozilla.com/firefox/
Thunderbird - Reclaim your inbox - http://www.mozilla.com/thunderbird/
The SeaMonkey Project - http://www.mozilla.org/projects/seamonkey/
Mozilla Suite - The All-in-One Internet Application Suite - http://www.mozilla.org/products/mozilla1.x/
Securing Your Web Browser - http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox

Feedback can be directed to the US-CERT Technical Staff

Produced by US-CERT, a government organization. Terms of use

Revision History

April 17, 2006: Initial release
Last updated

This product is provided subject to this Notification and this Privacy & Use policy.

Mozilla Products Contain Multiple Vulnerabilities

Systems Affected

Overview

Description

Impact

Solution

Upgrade

Appendix A. References

Revision History

Please share your thoughts

CISA and Partners Release Advisory on Black Basta Ransomware

CISA Releases Four Industrial Control Systems Advisories

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

CISA Releases Two Industrial Control Systems Advisories

Mozilla Products Contain Multiple Vulnerabilities

Systems Affected

Overview

Description

Impact

Solution

Upgrade

Appendix A. References

Revision History

Please share your thoughts

Related Advisories

CISA and Partners Release Advisory on Black Basta Ransomware

CISA Releases Four Industrial Control Systems Advisories

ASD’s ACSC, CISA, and Partners Release Secure by Design Guidance on Choosing Secure and Verifiable Technologies

CISA Releases Two Industrial Control Systems Advisories