RHEL 2.1 / 3 : mozilla (RHSA-2004:486)

critical Nessus Plugin ID 15409

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Updated mozilla packages that fix a number of security issues are now available.

Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

Jesse Ruderman discovered a cross-domain scripting bug in Mozilla. If a user is tricked into dragging a JavaScript link into another frame or page, it becomes possible for an attacker to steal or modify sensitive information from that site. Additionally, if a user is tricked into dragging two links in sequence to another window (not frame), it is possible for the attacker to execute arbitrary commands.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0905 to this issue.

Gael Delalleau discovered an integer overflow which affects the BMP handling code inside Mozilla. An attacker could create a carefully crafted BMP file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0904 to this issue.

Georgi Guninski discovered a stack-based buffer overflow in the vCard display routines. An attacker could create a carefully crafted vCard file in such a way that it would cause Mozilla to crash or execute arbitrary code when viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0903 to this issue.

Wladimir Palant discovered a flaw in the way JavaScript interacts with the clipboard. It is possible that an attacker could use malicious JavaScript code to steal sensitive data which has been copied into the clipboard. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0908 to this issue.

Georgi Guninski discovered a heap based buffer overflow in the 'Send Page' feature. It is possible that an attacker could construct a link in such a way that a user attempting to forward it could result in a crash or arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0902 to this issue.

Users of Mozilla should update to these updated packages, which contain backported patches and are not vulnerable to these issues.

Solution

Update the affected packages.

See Also

https://access.redhat.com/security/cve/cve-2004-0902

https://access.redhat.com/security/cve/cve-2004-0903

https://access.redhat.com/security/cve/cve-2004-0904

https://access.redhat.com/security/cve/cve-2004-0905

https://access.redhat.com/security/cve/cve-2004-0908

https://www.mozilla.org/en-US/security/known-vulnerabilities/

https://access.redhat.com/errata/RHSA-2004:486

Plugin Details

Severity: Critical

ID: 15409

File Name: redhat-RHSA-2004-486.nasl

Version: 1.29

Type: local

Agent: unix

Published: 10/2/2004

Updated: 1/14/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:mozilla-nspr, p-cpe:/a:redhat:enterprise_linux:mozilla, cpe:/o:redhat:enterprise_linux:3, p-cpe:/a:redhat:enterprise_linux:mozilla-nspr-devel, p-cpe:/a:redhat:enterprise_linux:mozilla-dom-inspector, p-cpe:/a:redhat:enterprise_linux:mozilla-nss, p-cpe:/a:redhat:enterprise_linux:mozilla-js-debugger, p-cpe:/a:redhat:enterprise_linux:mozilla-devel, p-cpe:/a:redhat:enterprise_linux:mozilla-nss-devel, cpe:/o:redhat:enterprise_linux:2.1, p-cpe:/a:redhat:enterprise_linux:mozilla-chat, p-cpe:/a:redhat:enterprise_linux:mozilla-mail, p-cpe:/a:redhat:enterprise_linux:galeon

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Patch Publication Date: 9/30/2004

Vulnerability Publication Date: 9/14/2004

Reference Information

CVE: CVE-2004-0902, CVE-2004-0903, CVE-2004-0904, CVE-2004-0905, CVE-2004-0908

RHSA: 2004:486

Secunia: 12526