Mozilla adds to its growing patch pile

By Bill Brenner, News Writer 24 Mar 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

It's been a busy month of patching for the Mozilla Foundation.

The latest fixes outlined in three advisories Mozilla issued Wednesday address glitches attackers could exploit to launch malicious code and set the stage for future online assaults.

The first problem is that a ".GIF processing error when parsing the obsolete Netscape extension 2 can lead to an exploitable heap overrun, allowing an attacker to run arbitrary code on the user's machine," Mozilla said in a statement.

Mozilla credited researcher Mark Dowd from the Internet Security Systems X-Force for reporting the issue. ISS X-Force said in its advisory that "by crafting a .GIF file in a malicious manner, an attacker is able to trigger a heap overflow within the application viewing the image, leading to arbitrary code execution and remote compromise."

The vulnerability has been fixed in Firefox 1.0.2, Thunderbird 1.0.2 and Mozilla Suite 1.7.6.

Mozilla said the second problem is that "a malicious page that could lure a user into dragging something (such as a fake scrollbar) can bypass the restriction on opening privileged XUL." XUL (Extensible User-interface Language) is a standard way to exchange data that describes a program's user interface, or at least the portion of it that can be controlled by programming.

"The startup scripts in the XUL will run with enhanced privilege, though the actions taken upon merely opening most XUL are benign," Mozilla's advisory said. "So far no way to run arbitrary code supplied by the attacker has been found, but this could be a stepping stone to future attacks."

Mozilla credited researcher Michael Krax for reporting this vulnerability, which has been fixed in Firefox 1.0.2 and Mozilla Suite 1.7.6.

Related Links Mozilla fixes drag-and-drop flaw Security Bytes: Mozilla addresses fresh flaws

The third problem, Mozilla said, is that "if a user bookmarked a malicious page as a Firefox sidebar panel, that page could execute arbitrary programs by opening a privileged page and injecting Javascript into it."

Mozilla said researcher Kohei Yoshino reported this vulnerability, which has been fixed in Firefox 1.0.2.

Mozilla has fixed a variety of security holes in recent weeks.

One was a drag-and-drop vulnerability in Thunderbird, Firefox and Mozilla Suite attackers could exploit to plant malware on targeted machines.

The vendor also addressed a "Save Link As" download dialog spoofing vulnerability in Mozilla and Firefox attackers could exploit to trick users into downloading malicious files.

Tags: Security Patch Management,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Squad: Tokenization, Phishing and the Feds Should management processes change based on a patch release schedule? Should Windows Mobile updates come from Microsoft? Adobe updates ColdFusion, JRun, Flex Trusteer CEO criticizes Adobe, touts better patch deployments Patch management study shows IT taking significant risks Vulnerability mitigation study shows need for faster patching Microsoft to issue security report card, new tool at Black Hat How to manage patches for Adobe When is it suitable to remove Java updates?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary