Firefox 3.5.6 has just been released which addresses 11 documented security issues, as well as a number of stability issue. Since Browser vulnerabilities operate as a prime gateway for malware, immediate updating is strongly recommended.
MFSA 2009-67 (Critical) — An integer overflow in the Theora video library. A video’s dimensions were being multiplied together and used in particular memory allocations. When the video dimensions were sufficiently large, the multiplication could overflow a 32-bit integer resulting in too small a memory buffer being allocated for the video. An attacker could use a specially crafted video to write data past the bounds of this buffer, causing a crash and potentially running arbitrary code on a victim’s computer.
MFSA 2009-66 (Critical) — Several bugs in liboggplay which posed potential memory safety issues. The bugs which were fixed could potentially be used by an attacker to crash a victim’s browser and execute arbitrary code on their computer.
MFSA 2009-65 (Critical) — Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes — four documented vulnerabilities — showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
MFSA 2009-68 (High Risk) — Mozilla’s NTLM implementation was vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitary application via the browser. If an attacker could get a user to visit a web page he controlled he could force NTLM authenticated requests to be forwarded to another application on behalf of the user.
MFSA 2009-71 (Low Risk) — The exception messages generated by Mozilla’s GeckoActiveXObject differ based on whether or not the requested COM object’s ProgID is present in the system registry. A malicious site could use this vulnerability to enumerate a list of COM objects installed on a user’s system and create a profile to track the user across browsing sessions.
Download at: Mozilla
If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.