Bug 438713 (CVE-2008-1233)

Summary:	CVE-2008-1233 Mozilla products XPCNativeWrapper pollution
Product:	[Other] Security Response	Reporter:	Josh Bressers <bressers>
Component:	vulnerability	Assignee:	Red Hat Product Security <security-response-team>
Status:	CLOSED CURRENTRELEASE	QA Contact:
Severity:	medium	Docs Contact:
Priority:	medium
Version:	unspecified	CC:	security-response-team
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	All
OS:	Linux
Whiteboard:
Fixed In Version:	2.0.0.14-1.fc7	Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2008-05-10 13:53:11 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:	438396, 438397, 438398, 438401, 438402, 438403, 438404, 438938, 438939, 442855, 442856, 442857
Bug Blocks:

Description Josh Bressers 2008-03-24 18:01:35 UTC

Mozilla contributor moz_bug_r_a4 demonstrated additional variants of MFSA2007-25
and MFSA2007-35 which could lead to arbitrary code execution through
XPCNativeWrapper pollution.

Comment 1 Josh Bressers 2008-03-24 18:02:05 UTC

This is going to be mfsa2008-14

Comment 4 Josh Bressers 2008-03-26 02:04:40 UTC

This is now public:
http://www.mozilla.org/security/announce/2008/mfsa2008-14.html

Comment 5 Fedora Update System 2008-03-26 02:14:56 UTC

blam-1.8.3-14.fc8,chmsee-1.0.0-1.30.fc8,devhelp-0.16.1-6.fc8,epiphany-2.20.3-2.fc8,epiphany-extensions-2.20.1-6.fc8,firefox-2.0.0.13-1.fc8,galeon-2.0.4-1.fc8.3,gnome-python2-extras-2.19.1-13.fc8,gnome-web-photo-0.3-9.fc8,gtkmozembedmm-1.4.2.cvs20060817-19.fc8,kazehakase-0.5.3-5.fc8,liferea-1.4.13-2.fc8,Miro-1.1.2-2.fc8,openvrml-0.17.5-4.fc8,ruby-gnome2-0.16.0-21.fc8,yelp-2.20.0-8.fc8 has been submitted as an update for Fedora 8

Comment 6 Fedora Update System 2008-03-26 17:09:51 UTC

chmsee-1.0.0-1.30.fc7, devhelp-0.13-15.fc7, epiphany-2.18.3-8.fc7, epiphany-extensions-2.18.3-8, firefox-2.0.0.13-1.fc7, galeon-2.0.3-16.fc7, gnome-python2-extras-2.14.3-9.fc7, gtkmozembedmm-1.4.2.cvs20060817-16.fc7, kazehakase-0.5.3-5.fc7, liferea-1.4.13-2.fc7, Miro-1.1.2-2.fc7, openvrml-0.16.7-4.fc7, ruby-gnome2-0.16.0-22.fc7, yelp-2.18.1-10.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2008-03-26 17:12:15 UTC

gnome-python2-extras-2.19.1-13.fc8, ruby-gnome2-0.16.0-21.fc8, epiphany-2.20.3-2.fc8, gtkmozembedmm-1.4.2.cvs20060817-19.fc8, epiphany-extensions-2.20.1-6.fc8, liferea-1.4.13-2.fc8, Miro-1.1.2-2.fc8, yelp-2.20.0-8.fc8, devhelp-0.16.1-6.fc8, galeon-2.0.4-1.fc8.3, gnome-web-photo-0.3-9.fc8, chmsee-1.0.0-1.30.fc8, kazehakase-0.5.3-5.fc8, openvrml-0.17.5-4.fc8, blam-1.8.3-14.fc8, firefox-2.0.0.13-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2008-05-10 13:52:55 UTC

thunderbird-2.0.0.14-1.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2008-05-10 13:54:37 UTC

thunderbird-2.0.0.14-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.