CVE-2005-2705
CVSS 7.5
Published: 2005-09-23 15:03:00
Revised: 2011-03-07 21:24:55

[Original] Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.


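[CNNVD] Mozilla Suite and Firefox browser JavaScript engine integer overflow vulnerability (CNNVD-200509-234)

        Mozilla Suite and Firefox are very popular open-source web browsers.
        An integer overflow vulnerability exists in the JavaScript engine of Mozilla and Firefox. Under favorable conditions, a malicious web page may execute arbitrary code with the privileges of the user running Mozilla or Firefox.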

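- CVSS (base score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [likely to cause information disclosure]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]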

- CPE (affected platforms and products)

cpe:/a:mozilla:firefox:1.0.3 - Mozilla Firefox 1.0.3
cpe:/a:mozilla:firefox:1.0.6 - Mozilla Firefox 1.0.6
cpe:/a:mozilla:mozilla_suite:1.7.8 - Mozilla Mozilla Suite 1.7.8
cpe:/a:mozilla:mozilla_suite:1.7.6 - Mozilla Mozilla Suite 1.7.6
cpe:/a:mozilla:mozilla_suite:1.7.11 - Mozilla Mozilla Suite 1.7.11
cpe:/a:mozilla:mozilla_suite:1.7.7 - Mozilla Mozilla Suite 1.7.7
cpe:/a:mozilla:firefox:1.0.1 - Mozilla Firefox 1.0.1
cpe:/a:mozilla:firefox:1.0 - Mozilla Firefox 1.0
cpe:/a:mozilla:firefox:1.0.2 - Mozilla Firefox 1.0.2
cpe:/a:mozilla:firefox:1.0.5 - Mozilla Firefox 1.0.5
cpe:/a:mozilla:firefox:1.0.4 - Mozilla Firefox 1.0.4
cpe:/a:mozilla:mozilla_suite:1.7.10 - Mozilla Mozilla Suite 1.7.10

- OVAL (technical details for detection)

oval:org.mitre.oval:def:1307 - Firefox/Mozilla Suite JavaScript Integer Overflow
oval:org.mitre.oval:def:10367 - Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute ar...
*OVAL describes in detail how to detect this vulnerability; the related OVAL definitions contain further technical details for detecting it.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2705
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2705
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200509-234
(Official data source) CNNVD

- Other links and resources

http://www.vupen.com/english/advisories/2005/1824
(UNKNOWN)  VUPEN  ADV-2005-1824
http://www.redhat.com/support/errata/RHSA-2005-785.html
(UNKNOWN)  REDHAT  RHSA-2005:785
http://www.mozilla.org/security/announce/mfsa2005-58.html
(UNKNOWN)  CONFIRM  http://www.mozilla.org/security/announce/mfsa2005-58.html
http://www.mandriva.com/security/advisories?name=MDKSA-2005:170
(UNKNOWN)  MANDRIVA  MDKSA-2005:170
http://www.mandriva.com/security/advisories?name=MDKSA-2005:169
(UNKNOWN)  MANDRIVA  MDKSA-2005:169
http://securitytracker.com/id?1014954
(UNKNOWN)  SECTRACK  1014954
https://bugzilla.mozilla.org/show_bug.cgi?id=303213
(UNKNOWN)  MISC  https://bugzilla.mozilla.org/show_bug.cgi?id=303213
http://xforce.iss.net/xforce/xfdb/22377
(UNKNOWN)  XF  mozilla-javascript-bo(22377)
http://www.ubuntu.com/usn/usn-200-1
(UNKNOWN)  UBUNTU  USN-200-1
http://www.securityfocus.com/bid/15495
(UNKNOWN)  BID  15495
http://www.securityfocus.com/bid/14917
(UNKNOWN)  BID  14917
http://www.redhat.com/support/errata/RHSA-2005-791.html
(UNKNOWN)  REDHAT  RHSA-2005:791
http://www.redhat.com/support/errata/RHSA-2005-789.html
(UNKNOWN)  REDHAT  RHSA-2005:789
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html
(UNKNOWN)  FEDORA  FLSA-2006:168375
http://www.novell.com/linux/security/advisories/2005_58_mozilla.html
(UNKNOWN)  SUSE  SUSE-SA:2005:058
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174
(UNKNOWN)  MANDRIVA  MDKSA-2005:174
http://www.debian.org/security/2005/dsa-868
(UNKNOWN)  DEBIAN  DSA-868
http://www.debian.org/security/2005/dsa-866
(UNKNOWN)  DEBIAN  DSA-866
http://www.debian.org/security/2005/dsa-838
(UNKNOWN)  DEBIAN  DSA-838
http://secunia.com/advisories/17284
(UNKNOWN)  SECUNIA  17284
http://secunia.com/advisories/17263
(UNKNOWN)  SECUNIA  17263
http://secunia.com/advisories/17149
(UNKNOWN)  SECUNIA  17149
http://secunia.com/advisories/17090
(UNKNOWN)  SECUNIA  17090
http://secunia.com/advisories/17042
(UNKNOWN)  SECUNIA  17042
http://secunia.com/advisories/17026
(UNKNOWN)  SECUNIA  17026
http://secunia.com/advisories/17014
(UNKNOWN)  SECUNIA  17014
http://secunia.com/advisories/16977
(UNKNOWN)  SECUNIA  16977
http://secunia.com/advisories/16917
(UNKNOWN)  SECUNIA  16917
http://secunia.com/advisories/16911
(UNKNOWN)  SECUNIA  16911
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
(UNKNOWN)  SCO  SCOSA-2005.49

- Vulnerability information

Mozilla Suite and Firefox browser JavaScript engine integer overflow vulnerability
High risk, buffer overflow
2005-09-23 00:00:00 2005-10-20 00:00:00
Remote / Local

- Advisories and patches

        The vendor has released upgrade patches that fix this security issue. The patches are available from:
        Mozilla Upgrade Firefox 1.0.7
        http://www.mozilla.org/products/firefox/
        Mozilla Upgrade Mozilla 1.7.12
        http://www.mozilla.org/products/mozilla1.x/

- Vulnerability information (F40896)

Debian Linux Security Advisory 866-1 (PacketStormID:F40896)
2005-10-25 00:00:00
Debian  security.debian.org
advisory
linux,debian
CVE-2005-2871,CVE-2005-2701,CVE-2005-2702,CVE-2005-2703,CVE-2005-2704,CVE-2005-2705,CVE-2005-2706,CVE-2005-2707,CVE-2005-2968

Debian Security Advisory DSA 866-1 - Several security-related problems have been discovered in Mozilla and derived programs.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 866-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
October 20th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : mozilla
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE IDs        : CAN-2005-2871 CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 
                 CAN-2005-2704 CAN-2005-2705 CAN-2005-2706 CAN-2005-2707
                 CAN-2005-2968 
Debian Bug     : 327366 329778

Several security-related problems have been discovered in Mozilla and
derived programs.  The Common Vulnerabilities and Exposures project
identifies the following problems:

CAN-2005-2871

    Tom Ferris discovered a bug in the IDN hostname handling of
    Mozilla that allows remote attackers to cause a denial of service
    and possibly execute arbitrary code via a hostname with dashes.

CAN-2005-2701

    A buffer overflow allows remote attackers to execute arbitrary
    code via an XBM image file that ends in a large number of spaces
    instead of the expected end tag.

CAN-2005-2702

    Mats Palmgren discovered a buffer overflow in the Unicode string
    parser that allows a specially crafted Unicode sequence to
    overflow a buffer and cause arbitrary code to be executed.

CAN-2005-2703

    Remote attackers could spoof HTTP headers of XML HTTP requests
    via XMLHttpRequest and possibly use the client to exploit
    vulnerabilities in servers or proxies.

CAN-2005-2704

    Remote attackers could spoof DOM objects via an XBL control that
    implements an internal XPCOM interface.

CAN-2005-2705

    Georgi Guninski discovered an integer overflow in the JavaScript
    engine that might allow remote attackers to execute arbitrary
    code.

CAN-2005-2706

    Remote attackers could execute Javascript code with chrome
    privileges via an about: page such as about:mozilla.

CAN-2005-2707

    Remote attackers could spawn windows without user interface
    components such as the address and status bar that could be used
    to conduct spoofing or phishing attacks.

CAN-2005-2968

    Peter Zelezny discovered that shell metacharacters are not
    properly escaped when they are passed to a shell script and allow
    the execution of arbitrary commands, e.g. when a malicious URL is
    automatically copied from another program into Mozilla as default
    browser.

For the stable distribution (sarge) these problems have been fixed in
version 1.7.8-1sarge3.

For the unstable distribution (sid) these problems have been fixed in
version 1.7.12-1.

We recommend that you upgrade your mozilla package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

    http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dev_1.7.8-1sarge3_sparc.deb
      Size/MD5 checksum:  3339922 e85b9b0a8bb22ba133603e5079176c24
    http://security.debian.org/pool/updates/main/m/mozilla/mozilla-dom-inspector_1.7.8-1sarge3_sparc.deb
      Size/MD5 checksum:   112514 5e9c038d6af9878049b337fc7752acca
    http://security.debian.org/pool/updates/main/m/mozilla/mozilla-js-debugger_1.7.8-1sarge3_sparc.deb
      Size/MD5 checksum:   204154 2c38ffa9843ed399eeb91c497c512db9
    http://security.debian.org/pool/updates/main/m/mozilla/mozilla-mailnews_1.7.8-1sarge3_sparc.deb
      Size/MD5 checksum:  1583742 ea09d4a4dbf10fb80f35e6ff6da8c690
    http://security.debian.org/pool/updates/main/m/mozilla/mozilla-psm_1.7.8-1sarge3_sparc.deb
      Size/MD5 checksum:   167912 7c07aaca4dcc3a97589237a0b7ffa650


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


- Vulnerability Information (F40628)

Ubuntu Security Notice 200-1 (PacketStormID:F40628)
2005-10-12 00:00:00
Ubuntu  security.ubuntu.com
advisory,overflow,arbitrary,shell,javascript,vulnerability
linux,ubuntu
CVE-2005-2701,CVE-2005-2702,CVE-2005-2703,CVE-2005-2704,CVE-2005-2705,CVE-2005-2706,CVE-2005-2707,CVE-2005-2968

Ubuntu Security Notice USN-200-1 - Multiple vulnerabilities exist in the mozilla-thunderbird package. A buffer overflow was discovered in the XBM image handler. By tricking a user into opening a specially crafted XBM image, an attacker could exploit this to execute arbitrary code with the user's privileges. Mats Palmgren discovered a buffer overflow in the Unicode string parser. Unicode strings that contained zero-width non-joiner characters caused a browser crash, which could possibly even be exploited to execute arbitrary code with the user's privileges. Georgi Guninski reported an integer overflow in the JavaScript engine. This could be exploited to run arbitrary code under some conditions. Peter Zelezny discovered that URLs which are passed to Thunderbird on the command line are not correctly protected against interpretation by the shell. If Thunderbird is configured as the default handler for mailto: URLs, this could be exploited to execute arbitrary code with user privileges by tricking the user into clicking on a specially crafted URL (for example, in an email or chat client).

===========================================================
Ubuntu Security Notice USN-200-1	   October 11, 2005
mozilla-thunderbird vulnerabilities
CAN-2005-2701, CAN-2005-2702, CAN-2005-2703, CAN-2005-2704,
CAN-2005-2705, CAN-2005-2706, CAN-2005-2707, CAN-2005-2968
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

mozilla-thunderbird

The problem can be corrected by upgrading the affected package to
version 1.0.7-0ubuntu04.10 (for Ubuntu 4.10), or 1.0.7-0ubuntu05.04
(for Ubuntu 5.04).  After a standard system upgrade you need to
restart Thunderbird to effect the necessary changes.

Details follow:

A buffer overflow was discovered in the XBM image handler. By tricking
a user into opening a specially crafted XBM image, an attacker could
exploit this to execute arbitrary code with the user's privileges.
(CAN-2005-2701)

Mats Palmgren discovered a buffer overflow in the Unicode string
parser. Unicode strings that contained "zero-width non-joiner"
characters caused a browser crash, which could possibly even be exploited
to execute arbitrary code with the user's privileges.
(CAN-2005-2702)

Georgi Guninski reported an integer overflow in the JavaScript engine.
This could be exploited to run arbitrary code under some conditions.
(CAN-2005-2705)

Peter Zelezny discovered that URLs which are passed to Thunderbird on the
command line are not correctly protected against interpretation by the shell.
If Thunderbird is configured as the default handler for "mailto:" URLs, this
could be exploited to execute arbitrary code with user privileges by tricking
the user into clicking on a specially crafted URL (for example, in an email or
chat client).  (CAN-2005-2968)

This update also fixes some less critical issues which are described
at http://www.mozilla.org/security/announce/mfsa2005-58.html.
(CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707)

The "enigmail" plugin has been updated to work with the new
Thunderbird and Mozilla versions.

Updated packages for Ubuntu 4.10:


Updated packages for Ubuntu 5.04:


- Vulnerability Information (F40318)

Mandriva Linux Security Advisory 2005.169 (PacketStormID:F40318)
2005-09-28 00:00:00
Mandriva  mandriva.com
advisory,vulnerability
linux,mandriva
CVE-2005-2702,CVE-2005-2703,CVE-2005-2704,CVE-2005-2705,CVE-2005-2706,CVE-2005-2707,CVE-2005-2968

Mandriva Linux Security Update Advisory - A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           mozilla-firefox
 Advisory ID:            MDKSA-2005:169
 Date:                   September 26th, 2005

 Affected versions:	 10.2
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities have been discovered in Mozilla Firefox
 that have been corrected in version 1.0.7:
 
 A bug in the way Firefox processes XBM images could be used to execute
 arbitrary code via a specially crafted XBM image file (CAN-2005-2701).
 
 A bug in the way Firefox handles certain Unicode sequences could be
 used to execute arbitrary code via viewing a specially crafted Unicode
 sequence (CAN-2005-2702).
 
 A bug in the way Firefox makes XMLHttp requests could be abused by a
 malicious web page to exploit other proxy or server flaws from the
 victim's machine; however, the default behaviour of the browser is to
 disallow this (CAN-2005-2703).
 
 A bug in the way Firefox implemented its XBL interface could be abused
 by a malicious web page to create an XBL binding in such a way as to
 allow arbitrary JavaScript execution with chrome permissions
 (CAN-2005-2704).
 
 An integer overflow in Firefox's JavaScript engine could be manipulated
 in certain conditions to allow a malicious web page to execute
 arbitrary code (CAN-2005-2705).
 
 A bug in the way Firefox displays about: pages could be used to execute
 JavaScript with chrome privileges (CAN-2005-2706).
 
 A bug in the way Firefox opens new windows could be used by a malicious
 web page to construct a new window without any user interface elements
 (such as address bar and status bar) that could be used to potentially
 mislead the user (CAN-2005-2707).
 
 A bug in the way Firefox processed URLs on the command line could be
 used to execute arbitrary commands as the user running Firefox; this
 could be abused by clicking on a supplied link, such as from an instant
 messaging client (CAN-2005-2968).
 
 The updated packages have been patched to address these issues and all
 users are urged to upgrade immediately.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2701
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2702
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2703
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2704
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2705
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2706
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2707
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2968
  http://www.mozilla.org/security/announce/mfsa2005-58.html
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>


- Vulnerability Information

19647
Mozilla Multiple Browser JavaScript Engine Overflow
Input Manipulation
Loss of Integrity
Vendor Verified

- Vulnerability Description

- Timeline

2005-09-22 Unknown
Unknown Unknown

- Solution

Products

Unknown or Incomplete

- Related References

- Vulnerability Author

Unknown or Incomplete

- Vulnerability Information

Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
Boundary Condition Error 14917
Yes No
2005-09-23 12:00:00 2008-03-18 12:10:00
Discovery is credited to Georgi Guninski.

- Affected Software Versions

Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Desktop 10.0
Turbolinux Turbolinux 10 F...
TurboLinux Personal
TurboLinux Multimedia
Turbolinux Home
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux -current
SGI ProPack 3.0 SP6
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. beagle 10.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Netscape Netscape 7.2
Netscape Browser 8.0.3 .3
Mozilla Thunderbird 1.0.6
Mozilla Thunderbird 1.0.5
Mozilla Thunderbird 1.0.2
Mozilla Thunderbird 1.0.1
Mozilla Thunderbird 1.0
Mozilla Firefox 1.0.6
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.5
Mozilla Firefox 1.0.4
Mozilla Firefox 1.0.3
+ Gentoo Linux
Mozilla Firefox 1.0.2
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.2
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 4
Mozilla Firefox 1.0.1
+ Red Hat Fedora Core3
Mozilla Firefox 1.0
+ Gentoo Linux
+ Gentoo Linux
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.2
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 9.0
+ Slackware Linux 10.1
+ Slackware Linux 10.0
+ Slackware Linux 10.0
+ Slackware Linux 9.1
+ Slackware Linux 9.1
+ Slackware Linux -current
+ Slackware Linux -current
Mozilla Browser 1.7.11
Mozilla Browser 1.7.9
Mozilla Browser 1.7.8
Mozilla Browser 1.7.7
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 4
+ Turbolinux Home
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 10.0
Mozilla Browser 1.7.6
+ HP HP-UX B.11.23
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 4
+ Turbolinux Home
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 10.0
Mozilla Browser 1.7.5
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6
+ HP Tru64 5.1 A PK6
Mozilla Browser 1.7.4
Mozilla Browser 1.7.3
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6
+ HP Tru64 5.1 A PK6
Mozilla Browser 1.7.2
Mozilla Browser 1.7.1
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7 rc2
Mozilla Browser 1.7 rc1
Mozilla Browser 1.7 beta
Mozilla Browser 1.7 alpha
Mozilla Browser 1.7
Mozilla Browser 1.6
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
K-Meleon K-Meleon 0.9
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Conectiva Linux 10.0
Apple Safari 3.0.4 Beta for Windows
Apple Safari 3.0.3 Beta
Apple iPhone 1.1.4

- Unaffected Software Versions

Netscape Browser 8.0.4
Mozilla Thunderbird 1.0.7
Mozilla Firefox 1.0.7
Mozilla Browser 1.7.12

- Vulnerability Discussion

Mozilla Browser/Firefox are affected by an integer-overflow vulnerability in their JavaScript engine. A remote attacker may exploit this issue by creating a malicious site and enticing users to visit it.

A successful attack may facilitate unauthorized remote access to a vulnerable computer.

Netscape Browser 8.0.3.3, Netscape 7.2, and K-Meleon 0.9 are also vulnerable.

UPDATE (March 17, 2008): Reports indicate that this issue affects Apple Safari.

- Exploit

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

- Solution

Please see the referenced vendor advisories for more information.


Mozilla Firefox 1.0

Mozilla Firefox 1.0.1

Mozilla Firefox 1.0.2

Mozilla Thunderbird 1.0.2

Mozilla Firefox 1.0.3

Mozilla Firefox 1.0.4

Mozilla Firefox 1.0.5

Mozilla Firefox 1.0.5

Mozilla Thunderbird 1.0.5

Mozilla Firefox 1.0.6

Mozilla Thunderbird 1.0.6

Mozilla Browser 1.6

- Related References
