Bug 196969 - CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788)
CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: seamonkey (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Christopher Aillon
Ben Levenson
impact=moderate,source=mozilla,report...
: Security
Depends On:
Blocks: 181411
  Show dependency treegraph
 
Reported: 2006-06-27 17:13 EDT by Josh Bressers
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version: RHSA-2006-0609
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-02 14:31:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Josh Bressers 2006-06-27 17:13:45 EDT
CVE-2006-2777 MFSA 2006-43
CVE-2006-2776 MFSA 2006-37
CVE-2006-2784 MFSA 2006-36
CVE-2006-2785 MFSA 2006-34
CVE-2006-2787 MFSA 2006-31
Several flaws were found in the way Mozilla processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to steal
sensitive information or install browser malware.

CVE-2006-2783 MFSA 2006-42
A cross site scripting flaw was found in the way Mozilla processes Unicode
Byte-order-Mark (BOM) markers in UTF-8 web pages. A malicious web page
could execute a script within the browser that a web input sanitizer could
miss due to a malformed "script" tag.

CVE-2006-2782 MFSA 2006-41
A form file upload flaw was found in the way Mozilla handles javascript
input object mutation. A malicious web page could upload an arbitrary local
file at form submission time without user interaction.

CVE-2006-2778 MFSA 2006-38
A denial of service flaw was found in the way Mozilla calls the
crypto.signText() javascript function. A malicious web page could crash the
browser if the victim had a client certificate loaded.

These issues will remain unfixed in Mozilla until Seamonkey is released.  They
are not additional issues, simply problems which are fixed as part of the upgrade.


CVE-2006-2786 MFSA 2006-33
Two HTTP response smuggling flaws were found in the way Mozilla processes
certain invalid HTTP response headers. A malicious web site could return
specially crafted HTTP response headers which may bypass HTTP proxy
restrictions.

CVE-2006-2788
A double free flaw was found in the way the nsIX509::getRawDER method is
called. If a victim visits a carefully crafted web page it is possible to
execute arbitrary code as the user running Mozilla. (CVE-2006-2788)
Comment 1 Josh Bressers 2006-06-27 17:16:11 EDT
These issues will remain unfixed in Mozilla until Seamonkey is released.  They
are not additional issues, simply problems which are fixed as part of the upgrade.


That statement ended up in the middle of the above block due to my inability to
understand how scrollbars work.  It should be at the top to describe this bug.
Comment 2 Xiaohong Wang 2006-07-06 22:36:29 EDT
We're relying on upstream for verification because we have no test code.
Comment 4 Josh Bressers 2006-07-14 15:59:44 EDT
CVE-2006-2777 is being tracked via bug 198934
Comment 5 Red Hat Bugzilla 2006-08-02 14:31:09 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0609.html

Note You need to log in before you can comment on or make changes to this bug.