Several security-related problems have been discovered in Mozilla and
derived programs. The Common Vulnerabilities and Exposures project
identifies the following problems:
- CAN-2005-2871
Tom Ferris discovered a bug in the IDN hostname handling of
Mozilla that allows remote attackers to cause a denial of service
and possibly execute arbitrary code via a hostname with dashes.
- CAN-2005-2701
A buffer overflow allows remote attackers to execute arbitrary
code via an XBM image file that ends in a large number of spaces
instead of the expected end tag.
- CAN-2005-2702
Mats Palmgren discovered a buffer overflow in the Unicode string
parser that allows a specially crafted Unicode sequence to
overflow a buffer and cause arbitrary code to be executed.
- CAN-2005-2703
Remote attackers could spoof HTTP headers of XML HTTP requests
via XMLHttpRequest and possibly use the client to exploit
vulnerabilities in servers or proxies.
- CAN-2005-2704
Remote attackers could spoof DOM objects via an XBL control that
implements an internal XPCOM interface.
- CAN-2005-2705
Georgi Guninski discovered an integer overflow in the JavaScript
engine that might allow remote attackers to execute arbitrary
code.
- CAN-2005-2706
Remote attackers could execute Javascript code with chrome
privileges via an about: page such as about:mozilla.
- CAN-2005-2707
Remote attackers could spawn windows without user interface
components such as the address and status bar that could be used
to conduct spoofing or phishing attacks.
- CAN-2005-2968
Peter Zelezny discovered that shell metacharacters are not
properly escaped when they are passed to a shell script and allow
the execution of arbitrary commands, e.g. when a malicious URL is
automatically copied from another program into Mozilla as default
browser.
For the stable distribution (sarge) these problems have been fixed in
version 1.7.8-1sarge3.
For the unstable distribution (sid) these problems have been fixed in
version 1.7.12-1.
We recommend that you upgrade your mozilla package.