Bug 454697 (CVE-2008-2933) - CVE-2008-2933 Firefox command line URL launches multi-tabs
Summary: CVE-2008-2933 Firefox command line URL launches multi-tabs
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2008-2933
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 454484
Blocks:
Reported: 2008-07-09 19:26 UTC by Josh Bressers
Modified: 2019-09-29 12:25 UTC
CC: 2 users

Fixed In Version: 1.9.0.1-1.fc9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-07-18 08:17:18 UTC
Links
System                  ID              Priority  Status        Summary                            Last Updated
Mozilla Foundation      441120          None      None          None                               Never
Red Hat Product Errata  RHSA-2008:0597  normal    SHIPPED_LIVE  Critical: firefox security update  2008-07-16 23:27:06 UTC
Red Hat Product Errata  RHSA-2008:0598  normal    SHIPPED_LIVE  Critical: firefox security update  2008-07-16 17:29:37 UTC

Description Josh Bressers 2008-07-09 19:26:13 UTC
Passing the firefox command a URL containing a pipe "|" symbol will cause
firefox to open multiple tabs.  If firefox is already running this flaw will try
to open the URL as a single URL, not as multiple tabs.

This flaw can lead to an arbitrarily named file gaining privileged access to the
browser session.

See the upstream bug for more details.
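The following is an added example, not code from this bug report, from Mozilla or from Red Hat. It shows the defensive check a program that hands externally supplied URLs to a browser command line would apply, given the behaviour described above: affected Firefox builds treated an unescaped "|" in a command-line URL argument as a separator and opened one tab per piece. The function names, the scheme allow-list and the sample URLs are assumptions made for the example.

```python
# Added example (not from the bug report, Mozilla or Red Hat).
# Defensive hand-off of an externally supplied URL to a browser command line,
# given the behaviour this bug describes: an unescaped "|" in a command-line
# URL argument was treated as a separator and opened several tabs.
# Function names, the scheme allow-list and the sample URL are assumptions.
import subprocess
from typing import List
from urllib.parse import quote, urlsplit

# Characters RFC 3986 allows to appear unescaped in a URL, beyond the
# alphanumerics and "-._~" that urllib.parse.quote never escapes.
# "%" is included so existing percent-escapes are not double-encoded.
RFC3986_SAFE = ":/?#[]@!$&'()*+,;=%"

# Only web URLs are handed to the browser (assumed policy). This keeps local
# files and scriptable schemes away from a browser session that trusts what
# arrives on its command line, the privileged-access path the report warns of.
ALLOWED_SCHEMES = {"http", "https"}


def tabs_opened_by_affected_firefox(arg: str) -> int:
    """Number of tabs an affected Firefox (before 3.0.1 / 2.0.0.16, per the
    fixed-in versions on this bug) would open for one command-line argument,
    per the report: one per "|"-separated piece. A fixed browser opens one."""
    return len(arg.split("|"))


def sanitize_url(url: str) -> str:
    """Return a URL safe to pass as a single argv element, or raise ValueError
    if it is not an http(s) URL with a host."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"refusing scheme {parts.scheme!r}")
    if not parts.netloc:
        raise ValueError("URL has no host")
    # Percent-encode anything outside the RFC 3986 character set. This turns
    # "|" into "%7C" (and spaces, quotes, braces and so on into their escapes),
    # so an argument splitter has nothing left to split on.
    return quote(url, safe=RFC3986_SAFE)


def browser_argv(url: str, firefox_bin: str = "firefox") -> List[str]:
    """Build the argument vector: the URL travels as its own argv element and
    never through a shell string, so no shell metacharacter is interpreted."""
    return [firefox_bin, sanitize_url(url)]


def open_in_browser(url: str) -> int:
    """Launch the browser with a sanitized URL and return its exit status."""
    return subprocess.run(browser_argv(url), check=False).returncode


if __name__ == "__main__":
    # Constructed sample: a second URL appended after a "|".
    sample = "http://example.com/page|http://other.example/"
    print("pieces an affected Firefox would open:",
          tabs_opened_by_affected_firefox(sample))
    print("sanitized argv:", browser_argv(sample))
```

The encoding step is defence in depth rather than a substitute for the fixed browser: RFC 3986 never permits a bare "|" in a URL, so escaping it costs nothing for legitimate input, while the scheme allow-list addresses the more serious consequence the report names, an arbitrary local file reaching a privileged browser session.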

Comment 7 Josh Bressers 2008-07-15 14:32:24 UTC
This issue does not affect SeaMonkey, it is only a Firefox issue.

Comment 8 Tomas Hoger 2008-07-16 07:17:57 UTC
Public now via MFSA 2008-35

http://www.mozilla.org/security/announce/2008/mfsa2008-35.html

Fixed in:
  Firefox 3.0.1
  Firefox 2.0.0.16

Comment 10 Fedora Update System 2008-07-18 08:05:26 UTC
xulrunner-1.9.0.1-1.fc9, epiphany-extensions-2.22.1-3.fc9, firefox-3.0.1-1.fc9, epiphany-2.22.2-3.fc9, yelp-2.22.1-4.fc9, devhelp-0.19.1-3.fc9 have been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2008-07-18 08:06:37 UTC
chmsee-1.0.0-3.31.fc8, gnome-web-photo-0.3-12.fc8, openvrml-0.17.6-6.fc8, gnome-python2-extras-2.19.1-16.fc8, gtkmozembedmm-1.4.2.cvs20060817-22.fc8, epiphany-2.20.3-6.fc8, firefox-2.0.0.16-1.fc8, galeon-2.0.4-4.fc8.3, Miro-1.2.3-3.fc8, yelp-2.20.0-11.fc8, cairo-dock-1.6.1.1-1.fc8.1, epiphany-extensions-2.20.1-9.fc8, kazehakase-0.5.4-2.fc8.3, blam-1.8.3-17.fc8, devhelp-0.16.1-9.fc8, liferea-1.4.15-3.fc8, ruby-gnome2-0.17.0-0.3.rc1.fc8 have been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 John Summerfield 2008-07-22 02:16:54 UTC
As of Jul 22, this does not install on F9 as it requires a superseded version of
xulrunner:

Resolving Dependencies
--> Running transaction check
---> Package firefox.x86_64 0:3.0.1-1.fc9 set to be updated
--> Processing Dependency: gecko-libs = 1.9 for package: gnome-python2-gtkmozembed
Matched xulrunner-1.9-0.60.beta5.fc9.x86_64 to require for gecko-libs
---> Package devhelp.x86_64 0:0.19.1-3.fc9 set to be updated
---> Package xulrunner.x86_64 0:1.9.0.1-1.fc9 set to be updated
---> Package yelp.x86_64 0:2.22.1-4.fc9 set to be updated
---> Package xulrunner-devel.x86_64 0:1.9.0.1-1.fc9 set to be updated
--> Finished Dependency Resolution
gnome-python2-gtkmozembed-2.19.1-16.fc9.x86_64 from installed has depsolving
problems
  --> Missing Dependency: gecko-libs = 1.9 is needed by package
gnome-python2-gtkmozembed-2.19.1-16.fc9.x86_64 (installed)
Skip-broken round 1
--> Running transaction check
---> Package xulrunner.x86_64 0:1.9.0.1-1.fc9 set to be updated
--> Processing Dependency: xulrunner = 1.9.0.1-1.fc9 for package: xulrunner-devel
--> Processing Dependency: gecko-libs = 1.9.0.1 for package: devhelp
--> Processing Dependency: gecko-libs = 1.9.0.1 for package: yelp
--> Processing Dependency: gecko-libs = 1.9.0.1 for package: firefox
--> Finished Dependency Resolution
firefox-3.0.1-1.fc9.x86_64 from updates has depsolving problems
  --> Missing Dependency: gecko-libs = 1.9.0.1 is needed by package
firefox-3.0.1-1.fc9.x86_64 (updates)
yelp-2.22.1-4.fc9.x86_64 from updates has depsolving problems
  --> Missing Dependency: gecko-libs = 1.9.0.1 is needed by package
yelp-2.22.1-4.fc9.x86_64 (updates)
xulrunner-devel-1.9.0.1-1.fc9.x86_64 from updates has depsolving problems
  --> Missing Dependency: xulrunner = 1.9.0.1-1.fc9 is needed by package
xulrunner-devel-1.9.0.1-1.fc9.x86_64 (updates)
devhelp-0.19.1-3.fc9.x86_64 from updates has depsolving problems
  --> Missing Dependency: gecko-libs = 1.9.0.1 is needed by package
devhelp-0.19.1-3.fc9.x86_64 (updates)
Skip-broken round 2
Skip-broken took 2 rounds 

Packages skipped because of dependency problems:
    devhelp-0.19.1-3.fc9.x86_64 from updates
    firefox-3.0.1-1.fc9.x86_64 from updates
    xulrunner-1.9.0.1-1.fc9.x86_64 from updates
    xulrunner-devel-1.9.0.1-1.fc9.x86_64 from updates
    yelp-2.22.1-4.fc9.x86_64 from updates
Depsolve time: 5.343
[root@potoroo ~]# 


Comment 14 Tomas Hoger 2008-07-22 06:52:36 UTC
John, please file a bug report against gnome-python2-gtkmozembed, which needs to
be rebuilt against new xulrunner package providing gecko-libs 1.9.0.1.

Comment 15 Tomas Hoger 2008-07-22 07:25:15 UTC
(In reply to comment #14)
> John, please file a bug report against gnome-python2-gtkmozembed, which needs
> to be rebuilt against new xulrunner package providing gecko-libs 1.9.0.1.

Rebuilds were already submitted as updates to Bodhi:

https://admin.fedoraproject.org/updates/F9/pending/Miro-1.2.4-2.fc9,gnome-python2-extras-2.19.1-17.fc9

Or use these instructions to get new packages while they are not pushed to stable:

http://axelilly.wordpress.com/2008/07/21/help-test-recent-xulrunner-updates/
