_______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:036 http://www.mandriva.com/security/ _______________________________________________________________________ Package : mozilla Date : February 7, 2006 Affected: Corporate 3.0 _______________________________________________________________________ Problem Description: Mozilla and Mozilla Firefox allow remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. (CVE-2005-4134) The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garbage collection. (CVE-2006-0292) The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf file. (CVE-2006-0296) Updated packages are patched to address these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0296 _______________________________________________________________________ Updated Packages: Corporate 3.0: 8d1376d6440bc1602ab2b1c74262a30c corporate/3.0/RPMS/libnspr4-1.7.8-0.7.C30mdk.i586.rpm ceae80feec83d84891234f8bcf546247 corporate/3.0/RPMS/libnspr4-devel-1.7.8-0.7.C30mdk.i586.rpm 4be42f4a2297322ac93e6c4e635a225b corporate/3.0/RPMS/libnss3-1.7.8-0.7.C30mdk.i586.rpm f7490d1448b0ef6fe8eaa7561066095f corporate/3.0/RPMS/libnss3-devel-1.7.8-0.7.C30mdk.i586.rpm d3c71d0217099e4586818dc40f819308 corporate/3.0/RPMS/mozilla-1.7.8-0.7.C30mdk.i586.rpm 5d73ae4396714d8b5bf9892090c22724 corporate/3.0/RPMS/mozilla-devel-1.7.8-0.7.C30mdk.i586.rpm 005998ef07bd769563084275c27928ec corporate/3.0/RPMS/mozilla-dom-inspector-1.7.8-0.7.C30mdk.i586.rpm 0774d333844c7d27b560146e632a33b2 corporate/3.0/RPMS/mozilla-enigmail-1.7.8-0.7.C30mdk.i586.rpm 72bda6c0dfc17eb36b5f64aced6da5a3 corporate/3.0/RPMS/mozilla-enigmime-1.7.8-0.7.C30mdk.i586.rpm b425cbdf6b2f2261799869327527d1c7 corporate/3.0/RPMS/mozilla-irc-1.7.8-0.7.C30mdk.i586.rpm a2ba40970fd46883f707979925553074 corporate/3.0/RPMS/mozilla-js-debugger-1.7.8-0.7.C30mdk.i586.rpm 3f786a780a2355f4605886287fc489c3 corporate/3.0/RPMS/mozilla-mail-1.7.8-0.7.C30mdk.i586.rpm 4dc8edd930a75430e84520b3b2f00859 corporate/3.0/RPMS/mozilla-spellchecker-1.7.8-0.7.C30mdk.i586.rpm 4f1024a56ad3c8f3aef13ff2ea881ceb corporate/3.0/SRPMS/mozilla-1.7.8-0.7.C30mdk.src.rpm Corporate 3.0/X86_64: 990fd040a970e2fe393665bc87f9d964 x86_64/corporate/3.0/RPMS/lib64nspr4-1.7.8-0.7.C30mdk.x86_64.rpm e70615c6a988f23636f7bf3d642d2028 x86_64/corporate/3.0/RPMS/lib64nspr4-devel-1.7.8-0.7.C30mdk.x86_64.rpm 69e14625db53e49b4d1fcd9d346218db x86_64/corporate/3.0/RPMS/lib64nss3-1.7.8-0.7.C30mdk.x86_64.rpm 17f22cc0913232f4d0cd3efbffd17af1 x86_64/corporate/3.0/RPMS/lib64nss3-devel-1.7.8-0.7.C30mdk.x86_64.rpm 23d7b49cde6c2e96742f45625845d825 x86_64/corporate/3.0/RPMS/mozilla-1.7.8-0.7.C30mdk.x86_64.rpm a14cde7bc834e298f9b1ff97d0faa04c x86_64/corporate/3.0/RPMS/mozilla-devel-1.7.8-0.7.C30mdk.x86_64.rpm 7b6a92d89e3771330e69b24eef80d02b x86_64/corporate/3.0/RPMS/mozilla-dom-inspector-1.7.8-0.7.C30mdk.x86_64.rpm 88510e96eee3232f5dd931de50ef9878 x86_64/corporate/3.0/RPMS/mozilla-enigmail-1.7.8-0.7.C30mdk.x86_64.rpm 71e44f63b296849361d5733b0e6824d1 x86_64/corporate/3.0/RPMS/mozilla-enigmime-1.7.8-0.7.C30mdk.x86_64.rpm 1740b993c3c30a35dcd37d7c88bd6187 x86_64/corporate/3.0/RPMS/mozilla-irc-1.7.8-0.7.C30mdk.x86_64.rpm 13b44d4ab0a1b80fb50ad8c881d94253 x86_64/corporate/3.0/RPMS/mozilla-js-debugger-1.7.8-0.7.C30mdk.x86_64.rpm b9683c1834c25ab3d78606b912714780 x86_64/corporate/3.0/RPMS/mozilla-mail-1.7.8-0.7.C30mdk.x86_64.rpm 7ccb971d176e3e3a1a924bfc23f34b1e x86_64/corporate/3.0/RPMS/mozilla-spellchecker-1.7.8-0.7.C30mdk.x86_64.rpm 4f1024a56ad3c8f3aef13ff2ea881ceb x86_64/corporate/3.0/SRPMS/mozilla-1.7.8-0.7.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFD6SVbmqjQ0CJFipgRAtEGAKDeolBWyZSrRKa1tL4JSbkQw+z06ACgkcGr VCmfGeobl7Qv+lFgSZbx3rE= =NT/H -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/