Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications, such as the Iceweasel web
browser. The Common Vulnerabilities and Exposures project identifies
the following problems:
- CVE-2009-3380
Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel
Banchero, David Keeler and Boris Zbarsky reported crashes in
layout engine, which might allow the execution of arbitrary code.
- CVE-2009-3382
Carsten Book reported a crash in the layout engine, which might
allow the execution of arbitrary code.
- CVE-2009-3376
Jesse Ruderman and Sid Stamm discovered spoofing vulnerability
in the file download dialog.
- CVE-2009-3375
Gregory Fleischer discovered a bypass of the same-origin policy
using the document.getSelection() function.
- CVE-2009-3374
“moz_bug_r_a4” discovered a privilege escalation to Chrome status
in the XPCOM utility XPCVariant::VariantDataToJS.
- CVE-2009-3373
“regenrecht” discovered a buffer overflow in the GIF parser, which
might lead to the execution of arbitrary code.
- CVE-2009-3372
Marco C. discovered that a programming error in the proxy auto
configuration code might lead to denial of service or the
execution of arbitrary code.
- CVE-2009-3274
Jeremy Brown discovered that the filename of a downloaded file
which is opened by the user is predictable, which might lead to
tricking the user into a malicious file if the attacker has local
access to the system.
- CVE-2009-3370
Paul Stone discovered that history information from web forms
could be stolen.
For the stable distribution (lenny), these problems have been fixed
in version 1.9.0.15-0lenny1.
As indicated in the Etch
release notes, security support for the Mozilla products in the oldstable
distribution needed to be stopped before the end of the regular Etch security
maintenance life cycle. You are strongly encouraged to upgrade to stable or
switch to a still supported browser.
For the unstable distribution (sid), these problems have been fixed in
version 1.9.1.4-1.
We recommend that you upgrade your xulrunner packages.