Red Hat Security Advisory: firefox security update Security Advisory secalert@redhat.com Red Hat Security Response Team RHSA-2012:1088 Final 1 1 2012-07-17T17:59:00Z Current version 2012-07-17T17:59:00Z 2012-07-17T17:59:00Z Red Hat rhsa-to-cvrf 1.0.1484 2012-07-17T19:29:02Z Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967) A malicious web page could bypass same-compartment security wrappers (SCSW) and execute arbitrary code with chrome privileges. (CVE-2012-1959) A flaw in the context menu functionality in Firefox could allow a malicious website to bypass intended restrictions and allow a cross-site scripting attack. (CVE-2012-1966) A page different to that in the address bar could be displayed when dragging and dropping to the address bar, possibly making it easier for a malicious site or user to perform a phishing attack. (CVE-2012-1950) A flaw in the way Firefox called history.forward and history.back could allow an attacker to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2012-1955) A flaw in a parser utility class used by Firefox to parse feeds (such as RSS) could allow an attacker to execute arbitrary JavaScript with the privileges of the user running Firefox. This issue could have affected other browser components or add-ons that assume the class returns sanitized input. (CVE-2012-1957) A flaw in the way Firefox handled X-Frame-Options headers could allow a malicious website to perform a clickjacking attack. (CVE-2012-1961) A flaw in the way Content Security Policy (CSP) reports were generated by Firefox could allow a malicious web page to steal a victim's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963) A flaw in the way Firefox handled certificate warnings could allow a man-in-the-middle attacker to create a crafted warning, possibly tricking a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964) A flaw in the way Firefox handled feed:javascript URLs could allow output filtering to be bypassed, possibly leading to a cross-site scripting attack. (CVE-2012-1965) The nss update RHBA-2012:0337 for Red Hat Enterprise Linux 5 and 6 introduced a mitigation for the CVE-2011-3389 flaw. For compatibility reasons, it remains disabled by default in the nss packages. This update makes Firefox enable the mitigation by default. It can be disabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before launching Firefox. (BZ#838879) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 10.0.6 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Abhishek Arya, Arthur Gerkis, Bill Keese, moz_bug_r_a4, Bobby Holley, Code Audit Labs, Mariusz Mlynski, Mario Heiderich, Frédéric Buclin, Karthikeyan Bhargavan, Matt McCutchen, Mario Gomes, and Soroush Dalili as the original reporters of these issues. All Firefox users should upgrade to these updated packages, which contain Firefox version 10.0.6 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. Please see https://www.redhat.com/footer/terms-of-use.html Copyright © 2012 Red Hat, Inc. All rights reserved. Critical https://rhn.redhat.com/errata/RHSA-2012-1088.html https://rhn.redhat.com/errata/RHSA-2012-1088.html https://access.redhat.com/security/updates/classification/#critical https://access.redhat.com/security/updates/classification/#critical http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html https://rhn.redhat.com/errata/RHBA-2012-0337.html https://rhn.redhat.com/errata/RHBA-2012-0337.html https://bugzilla.redhat.com/show_bug.cgi?id=838879 https://bugzilla.redhat.com/show_bug.cgi?id=838879 Red Hat Enterprise Linux Desktop (v. 5 client) Red Hat Enterprise Linux HPC Node Optional (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) Red Hat Enterprise Linux Desktop Optional (v. 6) Red Hat Enterprise Linux Workstation Optional (v. 6) Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 6) RHEL Desktop Workstation (v. 5 client) Red Hat Enterprise Linux Server Optional (v. 6) firefox-10.0.6-1.el5_8.src.rpm firefox-10.0.6-1.el6_3.src.rpm xulrunner-10.0.6-1.el6_3.src.rpm xulrunner-10.0.6-2.el5_8.src.rpm firefox-10.0.6-1.el5_8 as a component of Red Hat Enterprise Linux Desktop (v. 5 client) xulrunner-10.0.6-2.el5_8 as a component of Red Hat Enterprise Linux Desktop (v. 5 client) firefox-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6) firefox-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Server (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Server (v. 6) firefox-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Workstation (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Workstation (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6) firefox-10.0.6-1.el5_8 as a component of Red Hat Enterprise Linux (v. 5 server) xulrunner-10.0.6-2.el5_8 as a component of Red Hat Enterprise Linux (v. 5 server) firefox-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Desktop (v. 6) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Desktop (v. 6) xulrunner-10.0.6-2.el5_8 as a component of RHEL Desktop Workstation (v. 5 client) xulrunner-10.0.6-1.el6_3 as a component of Red Hat Enterprise Linux Server Optional (v. 6) A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1948 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1948.html CVE-2012-1948 https://bugzilla.redhat.com/show_bug.cgi?id=840201 bz#840201: CVE-2012-1948 CVE-2012-1949 Mozilla: Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) (MFSA 2012-42) A page different to that in the address bar could be displayed when dragging and dropping to the address bar, possibly making it easier for a malicious site or user to perform a phishing attack. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1950 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1950.html CVE-2012-1950 https://bugzilla.redhat.com/show_bug.cgi?id=840203 bz#840203: CVE-2012-1950 Mozilla: Incorrect URL displayed in addressbar through drag and drop (MFSA 2012-43) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges security researcher Mario Gomes and research firm Code Audit Labs as the original reporters of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1951 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1951.html CVE-2012-1951 Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Google security researcher Abhishek Arya as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1952 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1952.html CVE-2012-1952 Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Google security researcher Abhishek Arya as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1953 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1953.html CVE-2012-1953 Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Google security researcher Abhishek Arya as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1954 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1954.html CVE-2012-1954 https://bugzilla.redhat.com/show_bug.cgi?id=840205 bz#840205: CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 Mozilla: Gecko memory corruption (MFSA 2012-44) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Google security researcher Abhishek Arya as the original reporter of this issue. A flaw in the way Firefox called history.forward and history.back could allow an attacker to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1955 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1955.html CVE-2012-1955 https://bugzilla.redhat.com/show_bug.cgi?id=840206 bz#840206: CVE-2012-1955 Mozilla: Spoofing issue with location (MFSA 2012-45) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researcher Mariusz Mlynski as the original reporter of this issue. A flaw in a parser utility class used by Firefox to parse feeds (such as RSS) could allow an attacker to execute arbitrary JavaScript with the privileges of the user running Firefox. This issue could have affected other browser components or add-ons that assume the class returns sanitized input. 2012-07-12T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1957 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1957.html CVE-2012-1957 https://bugzilla.redhat.com/show_bug.cgi?id=840208 bz#840208: CVE-2012-1957 Mozilla: Improper filtering of javascript in HTML feed-view (MFSA 2012-47) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researcher Mario Heiderich as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1958 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1958.html CVE-2012-1958 https://bugzilla.redhat.com/show_bug.cgi?id=840211 bz#840211: CVE-2012-1958 Mozilla: use-after-free in nsGlobalWindow::PageHidden (MFSA 2012-48) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researcher Arthur Gerkis as the original reporter of this flaw. A malicious web page could bypass same-compartment security wrappers (SCSW) and execute arbitrary code with chrome privileges. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1959 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1959.html CVE-2012-1959 https://bugzilla.redhat.com/show_bug.cgi?id=840212 bz#840212: CVE-2012-1959 Mozilla: Same-compartment Security Wrappers can be bypassed (MFSA 2012-49) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Mozilla developer Bobby Holley as the original reporter of this issue. A flaw in the way Firefox handled X-Frame-Options headers could allow a malicious website to perform a clickjacking attack. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1961 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1961.html CVE-2012-1961 https://bugzilla.redhat.com/show_bug.cgi?id=840214 bz#840214: CVE-2012-1961 Mozilla: X-Frame-Options header ignored when duplicated (MFSA 2012-51) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Mozilla developer Frédéric Buclin as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1962 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1962.html CVE-2012-1962 https://bugzilla.redhat.com/show_bug.cgi?id=840215 bz#840215: CVE-2012-1962 Mozilla: JSDependentString::undepend string conversion results in memory corruption (MFSA 2012-52) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researcher Bill Keese as the original reporter of this issue. A flaw in the way Content Security Policy (CSP) reports were generated by Firefox could allow a malicious web page to steal a victim's OAuth 2.0 access tokens and OpenID credentials. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1963 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1963.html CVE-2012-1963 https://bugzilla.redhat.com/show_bug.cgi?id=840220 bz#840220: CVE-2012-1963 Mozilla: Content Security Policy 1.0 implementation errors cause data leakage (MFSA 2012-53) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researcher Karthikeyan Bhargavan of Prosecco at INRIA as the original reporter of this flaw. A flaw in the way Firefox handled certificate warnings could allow a man-in-the-middle attacker to create a crafted warning, possibly tricking a user into accepting an arbitrary certificate as trusted. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1964 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1964.html CVE-2012-1964 https://bugzilla.redhat.com/show_bug.cgi?id=840222 bz#840222: CVE-2012-1964 Mozilla: Clickjacking of certificate warning page (MFSA 2012-54) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security Researcher Matt McCutchen for reporting this issue. A flaw in the way Firefox handled feed:javascript URLs could allow output filtering to be bypassed, possibly leading to a cross-site scripting attack. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1965 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1965.html CVE-2012-1965 https://bugzilla.redhat.com/show_bug.cgi?id=840225 bz#840225: CVE-2012-1965 Mozilla: feed: URLs with an innerURI inherit security context of page (MFSA 2012-55) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Security researchers Mario Gomes and Soroush Dalili as the original reporters of this issue. A flaw in the context menu functionality in Firefox could allow a malicious website to bypass intended restrictions and allow a cross-site scripting attack. 2012-07-14T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1966 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1966.html CVE-2012-1966 https://bugzilla.redhat.com/show_bug.cgi?id=840207 bz#840207: CVE-2012-1966 Mozilla: XSS and code execution through data: URLs (MFSA 2012-46) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges moz_bug_r_a4 as the original reporter of this issue. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. 2012-07-15T00:00:00Z 2012-07-17T00:00:00Z CVE-2012-1967 5Client-5.8.Z:firefox-10.0.6-1.el5_8 5Client-5.8.Z:xulrunner-10.0.6-2.el5_8 5Client-Workstation-5.8.Z:xulrunner-10.0.6-2.el5_8 5Server-5.8.Z:firefox-10.0.6-1.el5_8 5Server-5.8.Z:xulrunner-10.0.6-2.el5_8 6Client-6.3.z:firefox-10.0.6-1.el6_3 6Client-6.3.z:xulrunner-10.0.6-1.el6_3 6Client-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:firefox-10.0.6-1.el6_3 6ComputeNode-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-6.3.z:firefox-10.0.6-1.el6_3 6Server-6.3.z:xulrunner-10.0.6-1.el6_3 6Server-optional-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-6.3.z:firefox-10.0.6-1.el6_3 6Workstation-6.3.z:xulrunner-10.0.6-1.el6_3 6Workstation-optional-6.3.z:xulrunner-10.0.6-1.el6_3 Critical 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 https://rhn.redhat.com/errata/RHSA-2012-1088.html https://www.redhat.com/security/data/cve/CVE-2012-1967.html CVE-2012-1967 https://bugzilla.redhat.com/show_bug.cgi?id=840259 bz#840259: CVE-2012-1967 Mozilla: Code execution through javascript: URLs (MFSA 2012-56) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges moz_bug_r_a4 as the original reporter of this issue.