SB20240718193 - Red Hat Enterprise Linux 8 update for firefox

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20240718193

SB20240718193 - Red Hat Enterprise Linux 8 update for firefox

Published: July 18, 2024

Security Bulletin ID SB20240718193
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 13% Medium 75% Low 13%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2024-6604)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Race condition (CVE-ID: CVE-2024-6601)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a race condition in permission assignment. A remote attacker can trick the victim to visit a specially crafted website, bypass cross-origin container obtaining permissions of the top-level origin and gain access to sensitive information.


3) Buffer overflow (CVE-ID: CVE-2024-6603)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in thread creation. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and crash the browser.


4) Out-of-bounds read (CVE-ID: CVE-2017-7679)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to out-of-bounds read within the mod_mime when constructing Content-Type response header. A remote attacker read one byte pas the end of a buffer when sending a malicious Content-Type response header.


5) NULL pointer dereference (CVE-ID: CVE-2017-7659)

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to a NULL pointer dereference error within mod_http2. A remote attacker can send a specially crafted HTTP/2 request and crash the affected process.

Successful exploitation of the vulnerability result in denial of service (DoS) attack.


6) Out-of-bound read (CVE-ID: CVE-2017-7668)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing token lists within ap_find_token() function. A remote unauthenticated attacker can create a specially crafted sequence of HTTP headers and refer to data past the end of the search string. 

Successful exploitation of this vulnerability results segmentation fault and web server crash.


7) NULL pointer dereference (CVE-ID: CVE-2017-3169)

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to a NULL pointer dereference error within mod_ssl module, when third-party modules call ap_hook_process_connection() function during an HTTP request to an HTTPS port. A remote attacker can send a specially crafted HTTP request and crash the affected web server.


8) Authentication bypass (CVE-ID: CVE-2017-3167)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to usage of the ap_get_basic_auth_pw() function by third-party modules outside of the authentication phase. A remote attacker can create a specially crafted HTTP request to vulnerable web server, bypass authentication requirements and gain unauthorized access to otherwise protected information.


Remediation

Install update from vendor's website.

References