OpenSUSE Linux update for Mozilla Firefox



Published: 2017-04-25
Risk High
Patch available YES
Number of vulnerabilities 13
CVE-ID CVE-2017-5429
CVE-2017-5443
CVE-2017-5444
CVE-2017-5446
CVE-2017-5447
CVE-2017-5448
CVE-2017-5449
CVE-2017-5460
CVE-2017-5461
CVE-2017-5464
CVE-2017-5465
CVE-2017-5466
CVE-2017-5467
CWE-ID CWE-416
CWE-787
CWE-119
CWE-125
CWE-20
CWE-79
Exploitation vector Network
Public exploit Public exploit code for vulnerability #5 is available.
Public exploit code for vulnerability #11 is available.
Vulnerable software
Subscribe 		Mozilla Firefox
Client/Desktop applications / Web browsers

Firefox ESR
Client/Desktop applications / Web browsers

Vendor Mozilla

Security Bulletin

This security bulletin contains information about 13 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU6347

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5429

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to memory corruption errors. A remote attacker can execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds write

EUVDB-ID: #VU6327

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5443

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error while decoding improperly formed BinHex format archives. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Buffer overflow

EUVDB-ID: #VU6328

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5444

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error while parsing application/http-index-format format content when the header contains improperly formatted data. A remote attacker can trigger buffer overflow and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Out-of-bounds read

EUVDB-ID: #VU6329

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5446

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when an HTTP/2 connection to a servers sends DATA frames with incorrect data content. A remote attacker can trigger out-of-bounds read and gain access to sensitive system memory.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU6330

Risk: High

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5447

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error when processing glyph widths during text layout. A remote attacker can trigger out-of-bounds read and gain access to sensitive system memory.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

6) Out-of-bounds write

EUVDB-ID: #VU6332

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5448

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error in ClearKeyDecryptor while decrypting some Clearkey-encrypted media content. The ClearKeyDecryptor code runs within the Gecko Media Plugin (GMP) sandbox. If a second mechanism is found to escape the sandbox, this vulnerability allows for the writing of arbitrary data within memory. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper input validation

EUVDB-ID: #VU6337

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5449

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to trigger browser crash.

The vulnerability exists due to improper input validation during layout and manipulation of bidirectional unicode text in concert with CSS animations.. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 52.0 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU6321

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5460

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to use-after-free error in frame selection triggered by a combination of malicious script content and key presses by a user. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU6316

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5461

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error during Base64 decoding operation in the Network Security Services (NSS) library. A remote attacker can trigger out-of-bounds write and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Memory corruption

EUVDB-ID: #VU6326

Risk: High

CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5464

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to memory corruption during DOM manipulations of the accessibility tree through script. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Out-of-bounds read

EUVDB-ID: #VU6331

Risk: High

CVSSv3.1: 8.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-5465

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to boundary error while processing SVG content in ConvolvePixel. A remote attacker can trigger out-of-bounds read and gain access to sensitive system memory.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 45 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

12) Cross-site scripting

EUVDB-ID: #VU6318

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5466

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability exists due to origin confusion when reloading isolated data:text/html URL. If a page is loaded from an original site through a hyperlink and contains a redirect to a data:text/html URL, triggering a reload will run the reloaded data:text/html page with its origin set incorrectly.

Successful exploitation of this vulnerability may allow an attacker to gain access to potentially sensitive information from another domain.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 52.0 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Memory corruption

EUVDB-ID: #VU6341

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-5467

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack.

The vulnerability exists due to memory corruption when using Skia content when drawing content outside of the bounds of a clipping region. A remote attacker can trigger memory corruption and cause browser crash.

Mitigation

Update the affected packages.

Vulnerable software versions

Mozilla Firefox: 52 - 52.0.2

Firefox ESR: 52.0 - 52.0.2

External links

http://lists.opensuse.org/opensuse-security-announce/2017-04/msg00029.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to trick the victim to visit a specially crafted website.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###