SB2017042509 - OpenSUSE Linux update for Mozilla Firefox
Published: April 25, 2017
Description
This security bulletin contains information about 13 security vulnerabilities.
1) Memory corruption (CVE-ID: CVE-2017-5429)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to memory corruption errors. A remote attacker can execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
2) Out-of-bounds write (CVE-ID: CVE-2017-5443)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while decoding improperly formed BinHex format archives. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
3) Buffer overflow (CVE-ID: CVE-2017-5444)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while parsing application/http-index-format content when the header contains improperly formatted data. A remote attacker can trigger a buffer overflow and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
4) Out-of-bounds read (CVE-ID: CVE-2017-5446)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when an HTTP/2 connection to a server sends DATA frames with incorrect data content. A remote attacker can trigger an out-of-bounds read and gain access to sensitive system memory.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
5) Out-of-bounds read (CVE-ID: CVE-2017-5447)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing glyph widths during text layout. A remote attacker can trigger an out-of-bounds read and gain access to sensitive system memory.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
6) Out-of-bounds write (CVE-ID: CVE-2017-5448)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ClearKeyDecryptor while decrypting some ClearKey-encrypted media content. The ClearKeyDecryptor code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
7) Improper input validation (CVE-ID: CVE-2017-5449)
The vulnerability allows a remote attacker to trigger a browser crash.
The vulnerability exists due to improper input validation during layout and manipulation of bidirectional Unicode text in concert with CSS animations. A remote attacker can perform a denial of service (DoS) attack.
8) Use-after-free (CVE-ID: CVE-2017-5460)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a use-after-free error in frame selection triggered by a combination of malicious script content and key presses by a user. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
9) Out-of-bounds write (CVE-ID: CVE-2017-5461)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error during a Base64 decoding operation in the Network Security Services (NSS) library. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
10) Memory corruption (CVE-ID: CVE-2017-5464)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to memory corruption during DOM manipulations of the accessibility tree through script. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
11) Out-of-bounds read (CVE-ID: CVE-2017-5465)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while processing SVG content in ConvolvePixel. A remote attacker can trigger an out-of-bounds read and gain access to sensitive system memory.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
12) Cross-site scripting (CVE-ID: CVE-2017-5466)
The vulnerability allows a remote attacker to perform XSS attacks.
The vulnerability exists due to origin confusion when reloading an isolated data:text/html URL. If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly.
Successful exploitation of this vulnerability may allow an attacker to gain access to potentially sensitive information from another domain.
13) Memory corruption (CVE-ID: CVE-2017-5467)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to memory corruption when Skia draws content outside of the bounds of a clipping region. A remote attacker can trigger memory corruption and cause a browser crash.
Remediation
Install the update from the vendor's website.