#238492: Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data

Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data

Category :	Security
Release Phase :	Resolved
Bug Id :	6663845, 6681417, 6695896
Date of Resolved Release :	09-Jun-2008
Product :	Solaris 10 Operating System

Multiple security vulnerabilities in the firefox(1) application (see below for details)

1. Impact

Multiple security vulnerabilities in the firefox(1) application shipped with
Solaris 10 may allow local or remote unprivileged user to execute arbitrary
code on a remote machine with the privileges of a local user or trick local
users into confirming an unsafe action, such as remote file execution or
gain access to unauthorised data and cause firefox(1) application to crash,
or conduct Cross-Site Scripting (XSS) attacks on sites which allow users to
upload pictures, archives, or other files. The ability to crash the firefox(1)
application is a type of Denial of Service (Dos).

The following Mozilla advisories describe the vulnerabities:

2. Contributing Factors

These issues can occur in the following releases:

SPARC Platform

Firefox 2.0 for Solaris 10 without patch 125539-04

OpenSolaris based upon builds snv_88 or earlier

x86 Platform

Firefox 2.0 for Solaris 10 without patch 125540-04

OpenSolaris based upon builds snv_88 or earlier

Note: Solaris 8 and Solaris 9 do not ship Firefox and hence are
not affected by these issues.

Note: OpenSolaris distributions may include additional bug fixes above
and beyond the build from which it was derived.
The base build can be derived as follows:

 $uname -a
 SunOS hostname 5.11 snv_86 i86pc i386 i86pc

3. Symptoms

There are no predictable symptoms that would indicate the described issues have
been exploited.

4. Workaround

To work around the issues described in CVE-2008-0412, CVE-2008-0413,
CVE-2008-0415, CVE-2008-0416, CVE-2008-0419, CVE-2008-0420,
CVE-2008-0591, CVE-2008-0593, CVE-2008-1233, CVE-2008-1234,
CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238,
CVE-2007-4879, CVE-2008-1195, CVE-2008-1240, CVE-2008-1241 and
CVE-2008-1380 disable JavaScript by doing the following:

1. Open the "Preferences" dialog from the Edit menu
2. Select the "Content" tab
3. Uncheck the "Enable JavaScript" check box

To work around the issues described in CVE-2008-0417, do not ask
Firefox to save passwords on untrusted sites.

To work around the issues described in CVE-2008-0418, disable
"flat-packaged" add-ons.

5. Resolution

These issues addressed in the following releases:

SPARC Platform

Solaris 10 with patch 125539-04 or later

OpenSolaris based upon builds snv_89 or later

x86 Platform

Solaris 10 with patch 125540-04 or later

OpenSolaris based upon builds snv_89 or later

For more information on Security Sun Alerts, see Technical Instruction ID 213557

http://sunsolve.sun.com/search/document.do?assetkey=1-61-213557-1

This Sun Alert notification is being provided to you on an "AS IS" basis. This Sun Alert notification may contain information provided by third parties. The issues described in this Sun Alert notification may or may not impact your system(s). Sun makes no representations, warranties, or guarantees as to the information contained herein. ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This Sun Alert notification contains Sun proprietary and confidential information. It is being provided to you pursuant to the provisions of your agreement to purchase services from Sun, or, if you do not have such an agreement, the Sun.com Terms of Use. This Sun Alert notification may only be used for the purposes contemplated by these agreements.

Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.

Attachments

This solution has no attachment