February 5, 2012

Mozilla Releases Firefox 10 and Firefox 3.6.26 to Address Multiple Vulnerabilities

(LiveHacking.Com) – The Mozilla Foundation has released Firefox 10 and Firefox 3.6.26 to address multiple security vulnerabilities. These vulnerabilities, if exploited, could allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or perform a cross-site scripting attack.

Firefox 10 fixes 8 security issues of which 5 are rated as “Critical”. A “Critical” vulnerability can be exploited to run attacker code and install software, requiring no user interaction beyond normal browsing. These include fixes for a possible memory corruption during the decoding of Ogg Vorbis files that could cause a crash during decoding and has the potential for remote code execution. There are also several memory safety bugs in the browser engine. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

The full list of fixes is:

  • MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission
  • MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
  • MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
  • MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure
  • MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks
  • MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
  • MFSA 2012-03 <iframe> element exposed across domains via name attribute
  • MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)

New features in Firefox 10 include:

  • The forward button is now hidden until you navigate back
  • Most add-ons are now compatible with new versions of Firefox by default
  • Anti-Aliasing for WebGL is now implemented (see bug 615976)
  • CSS3 3D-Transforms are now supported (see bug 505115)
  • New <bdi> element for bi-directional text isolation, along with supporting CSS properties (see bugs 613149 and 662288)
  • Full Screen APIs allow you to build a web application that runs full screen (see the feature page)

The fixes for 3.6.26 are backports of fixes applied to Firefox 10 including:

  • MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
  • MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
  • MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
  • MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)

The only fix unique to the 3.6 series is MFSA 2012-02 Overly permissive IPv6 literal syntax. This was previously fixed in Firefox 7.0 but has only now been fixed in the 3.6 series, with Firefox 3.6.26.

Mozilla Releases Firefox 8 and Firefox 3.6.24 to Fix Critical Security Vulnerabilities

(LiveHacking.Com) - Mozilla has released Firefox 8 which includes better user control of add-ons and integrated Twitter search. But more importantly it contains several ‘Critical’ security related bug fixes. Mozilla also updated Firefox 3.6.24 with many of the same fixes.

A ‘Critical’ vulnerability can be used to run arbitrary code and install software, without user interaction or knowledge.

The ‘Critical’ bugs fixed in Firefox 8 include:

The memory safety bugs, fixed by the Mozilla engineers, showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code. However there are no known exploits today for these bugs.

An additional ‘Critical’ bug was squashed in Firefox 3.6.24:

  • MFSA 2011-46 - loadSubScript unwraps XPCNativeWrapper scope parameter (1.9.2 branch)

MFSA 2011-43 was fixed in Firefox 7 but it has now been discovered that it affects Firefox 3.6. The error could allow a malicious page to potentially exploit a Firefox user who had installed an add-on that used loadSubScript in vulnerable ways.

NSS Labs Report Shows That IE Still Best At Blocking Socially Engineered Malware

(LiveHacking.Com) - NSS Labs has released its latest Web Browser Security Comparative Test Reports against Socially-Engineered Malware for the third quarter of 2011. The report examines the ability of the top five web browsers to protect users from websites that look harmless but actually are designed to trick visitors into downloading and installing malware.

According to a recent study by AVG, users are four times more likely to be tricked into downloading malware than be compromised by a vulnerability.

The report found that Windows Internet Explorer 9 (IE9) caught an exceptional 99.2% of live threats (96% with the SmartScreen URL reputation and an additional 3.2% with Application Reputation). Google Chrome 12 caught 13.2% of the live threats, four times more than it managed during the Q3 2010 global test. Apple Safari 5 and Firefox both caught 7.6% of the live threats. Opera 11 caught the lowest number of threats, just 6.1%.

The full report can be downloaded from the NSS Labs website (download PDF) and, unlike previous reports, this latest report was not paid for by Microsoft.

Mozilla Releases Firefox 6, Patches Critical Vulnerabilities

(LiveHacking.Com) - Mozilla has shipped a new version of its Firefox web browser with increased support for HTML5, faster startup times and improved per-site permission management. But most importantly it fixes a number of critical vulnerabilities, some serious enough to expose web surfers to drive-by download attacks.

The Critical and High impact bugs include:

  • Mozilla identified and fixed several memory safety bugs in the browser engine used in Firefox 4, Firefox 5 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
  • Rafael Gieschke reported that unsigned JavaScript could call into script inside a signed JAR thereby inheriting the identity of the site that signed the JAR as well as any permissions that a user had granted the signed JAR.
  • Michael Jordon of Context IS reported that an overly long shader program could cause a buffer overrun and crash in a string class used to store the shader source code.
  • Michael Jordon of Context IS reported a potentially exploitable heap overflow in the ANGLE library used by Mozilla’s WebGL implementation.
  • Security researcher regenrecht reported via TippingPoint’s Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability.
  • Mike Cardwell reported that Content Security Policy violation reports failed to strip out proxy authorization credentials from the list of request headers. Daniel Veditz reported that redirecting to a website with Content Security Policy resulted in the incorrect resolution of hosts in the constructed policy.
  • nasalislarvatus3000 reported that when using Windows D2D hardware acceleration, image data from one domain could be inserted into a canvas and read by a different domain.

Firefox 5.0.1 Released For OS X Only – Fixes 10.7 Lion Issue

(LiveHacking.Com) — The Mozilla Foundation has released Firefox 5.0.1 to address issues on Mac OS X.

This new version of Firefox has the following changes:

  • Worked around an issue in Mac OS X 10.7 that could cause Firefox to crash.
  • Worked around an issue caused by Apple’s “Java for Mac OS X 10.6 Update 5” where the Java plugin would not be loaded.

Although OS X 10.7 hasn’t been released yet there are rumours that its release is imminent and could even be today (July 14th). The Mozilla Foundation has therefore addressed the OS X 10.7 issue so that when Lion finally does hit the streets Firefox will work without any problems.

The other fix solves a problem with Java for Mac OS X 10.6 Update 5, which was released a little over two weeks ago.

More information is available at http://www.mozilla.com/en-US/firefox/5.0.1/releasenotes/

Mozilla Updates Firefox 3.5, 3.6 and 4.0

Mozilla has released a series of security updates for all currently supported versions of Firefox. Firefox 4.0.1, 3.6.17 and 3.5.19 are now available for Windows, Mac, and Linux. Mozilla recommends that users update to the latest versions but also encourages all users to upgrade to Firefox 4, as this is the last planned security and stability release for Firefox 3.5.

The first fixes are for several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and Mozilla presume that with enough effort at least some of these could be exploited to run arbitrary code.

A minor security vulnerability was fixed in the XSLT generate-id() function, which was revealing a specific valid address of an object on the memory heap. In theory, this information could have been used in combination with other heap corruption exploits.

There is also a fix for a vulnerability in the Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox 3.5 and 3.6 that if exploited could allow an attacker to obtain elevated access to resources on a user’s system.

Specific to Firefox 4 is an additional fix to its WebGL feature. Two crashes that could potentially be exploited to run malicious code were found in the WebGL feature. Also there is a fix for a vulnerability that could potentially be used to bypass a security feature of recent Windows versions.

Mozilla has also released Thunderbird 3.1.10. The release notes are available here.

Web Browser Tests Show IE Best at Detecting Socially-Engineered Malware

One of the most prevalent forms of malware on the Internet today is what is known as “socially-engineered malware”, meaning malware that uses seemingly benign links and/or trusted social networking sites (like Facebook® etc.) to trick visitors into downloading and executing a piece of software that has malicious intent. Common examples of such seemingly innocent programs are screen savers, video codec upgrades and free games.

Beginning in 2009, NSS Labs have been conducting tests on the leading web browsers to determine which browsers are most susceptible to socially-engineered malware. The Q3 2010 results have recently been published and the results are very interesting.

At the top of the leader board for protection, surprisingly, comes Internet Explorer. With a bad reputation over the years, IE has often been pushed to one side in favor of Firefox, but these test results portray IE in a new light. Internet Explorer 8 managed to block 90% of the malware but even more exceptional is that Internet Explorer 9 managed to catch 99% of the threats. These results are even more remarkable when compared to Firefox 3.6, which caught only 19% of the live threats, which was actually a 10% decrease in protection from the Q1 2010 tests.

As for the rest of the browsers: Safari 5 caught 11% of the threats, down 18% from Q1 2010. Google Chrome 6 caught 3% of the threats, down 14%, and Opera 10 caught nothing!

You can read the introduction to the group test here and you can download the full report (as a PDF) here.

WebSockets disabled in Firefox 4

Due to a vulnerability in the design of the WebSocket protocol, the Mozilla Foundation has decided to disable support for this protocol in the forthcoming Firefox 4 Beta 8 release. The vulnerability in the code for transparent proxies can potentially be exploited to poison the proxy cache and inject manipulated pages.

Read the full story here.

Source:[TheHSecurity]

Firefox 4 to Include HTTP Strict Transport Security Support

In an effort to help mitigate man-in-the-middle attacks that make normal HTTP connections look like secured HTTPS sessions, Mozilla is adding support in Firefox 4 for a new technology called HTTP Strict Transport Security that enables site operators to tell browsers to always request an HTTPS session on future visits.

The technology, which is also known as ForceTLS, is currently an IETF draft specification and Mozilla officials say it should give users more confidence in HTTPS connections over time.

Read the full article here.

Source:[Threatpost]

Search Engine Security – Firefox Add-on

Search engine ranking is a big deal for companies nowadays. Black-hat Search Engine Optimization is a growing problem that search engines are failing to combat. This Firefox add-on will prevent Black-hat SEO attacks by masking the source of requests to malicious pages, ensuring that the attacks are never delivered. According to Zscaler, blocking SEO attacks before they ever reach the browser is critical as anti-virus engines typically have a very low detection rate for binaries used in the attacks.

Visit the Zscaler website for more information and technical details about this Firefox add-on.