Advisories ยป MGASA-2015-0447

Updated iceape packages fix security vulnerabilities

Publication date: 16 Nov 2015
Modification date: 16 Nov 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-4513 , CVE-2015-4514 , CVE-2015-4515 , CVE-2015-4518 , CVE-2015-7187 , CVE-2015-7188 , CVE-2015-7189 , CVE-2015-7193 , CVE-2015-7194 , CVE-2015-7195 , CVE-2015-7196 , CVE-2015-7197 , CVE-2015-7198 , CVE-2015-7199 , CVE-2015-7200

Description

Updated iceape packages fix security issues:

Multiple unspecified vulnerabilities in the browser engine in Mozilla 
Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers 
to cause a denial of service (memory corruption and application crash) or 
possibly execute arbitrary code via unknown vectors. (CVE-2015-4513)

Multiple unspecified vulnerabilities in the browser engine in Mozilla 
Firefox before 42.0 allow remote attackers to cause a denial of service 
(memory corruption and application crash) or possibly execute arbitrary 
code via unknown vectors. (CVE-2015-4514)

Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP 
authentication, allows remote attackers to obtain sensitive hostname 
information by constructing a crafted web site that sends an NTLM request 
and reads the Workstation field of an NTLM type 3 message. (CVE-2015-4515)

The Reader View implementation in Mozilla Firefox before 42.0 has an 
improper whitelist, which makes it easier for remote attackers to bypass 
the Content Security Policy (CSP) protection mechanism and conduct 
cross-site scripting (XSS) attacks via vectors involving SVG animations and 
the about:reader URL. (CVE-2015-4518)

The Add-on SDK in Mozilla Firefox before 42.0 misinterprets a "script: 
false" panel setting, which makes it easier for remote attackers to conduct 
cross-site scripting (XSS) attacks via inline JavaScript code that is 
executed within a third-party extension. (CVE-2015-7187)

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote 
attackers to bypass the Same Origin Policy for an IP address origin, and 
conduct cross-site scripting (XSS) attacks, by appending whitespace 
characters to an IP address string. (CVE-2015-7188)

Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 
and Firefox ESR 38.x before 38.4 allows remote attackers to execute 
arbitrary code or cause a denial of service (heap-based buffer overflow) 
via vectors involving a CANVAS element and crafted JavaScript code. 
(CVE-2015-7189)

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly 
follow the CORS cross-origin request algorithm for the POST method in 
situations involving an unspecified Content-Type header manipulation, which 
allows remote attackers to bypass the Same Origin Policy by leveraging the 
lack of a preflight-request step. (CVE-2015-7193)

Buffer underflow in libjar in Mozilla Firefox before 42.0 and Firefox ESR 
38.x before 38.4 allows remote attackers to cause a denial of service 
(application crash) or possibly execute arbitrary code via a crafted ZIP 
archive. (CVE-2015-7194)

The URL parsing implementation in Mozilla Firefox before 42.0 improperly 
recognizes escaped characters in hostnames within Location headers, which 
allows remote attackers to obtain sensitive information via vectors 
involving a redirect. (CVE-2015-7195)

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, when a Java 
plugin is enabled, allow remote attackers to cause a denial of service 
(incorrect garbage collection and application crash) or possibly execute 
arbitrary code via a crafted Java applet that deallocates an in-use 
JavaScript wrapper. (CVE-2015-7196)

Buffer overflow in the rx::TextureStorage11 class in ANGLE, as used in 
Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4, allows remote 
attackers to cause a denial of service (memory corruption) or possibly have 
unspecified other impact via crafted texture data. (CVE-2015-7198)

The (1) AddWeightedPathSegLists and (2) SVGPathSegListSMILType::Interpolate 
functions in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 
lack status checking, which allows remote attackers to cause a denial of 
service (memory corruption) or possibly have unspecified other impact via a 
crafted SVG document. (CVE-2015-7199)

The CryptoKey interface implementation in Mozilla Firefox before 42.0 and 
Firefox ESR 38.x before 38.4 lacks status checking, which allows attackers 
to have an unspecified impact via vectors related to a cryptographic key. 
(CVE-2015-7200)

Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 improperly 
control the ability of a web worker to create a WebSocket object, which 
allows remote attackers to bypass intended mixed-content restrictions via 
crafted JavaScript code. (CVE-2015-7197)

References

SRPMS

5/core