Firefox and Safari updates close security holes
Version 2.0.0.14 of the Firefox web browser has been released by the Mozilla organisation. The update closes a security hole that developers opened up when patching a previously identified bug. Apple has also released an update for Safari that fixes four security vulnerabilities in the browser for Windows and Mac OS X. Attackers were able to use crafted websites to install trojans that could spoof the address bar or execute cross-site scripting attacks.
The vulnerabilities described in Mozilla security advisory MFSA2008-20 affect the JavaScript Garbage Collector. Apparently it could crash after the changes made to patch the holes published in security advisory MFSA2008-15 (browser crash with memory corruption). As a result, malicious code could be injected and executed, though there was no demonstration of an exploit in this case, unlike similar situations in the past.
Two of the vulnerabilities in Safari only affect the Windows version, the other two apparently affect both Mac OS X and Windows. Under Windows, file downloads with maliciously crafted names could crash the computer or allow injected program code to be executed. In addition, web sites could change the content of the address bar without loading the site indicated – the Apple developers had already remedied the flaw in Safari Beta 3.0.2, but it was apparently reinserted in 3.1.
Under Windows and MacOS X, Regular Expressions in JavaScript can cause a heap-based buffer overflow that allows arbitrary code to be executed and attackers to add a colon to a website's address, making cross-site scripting attacks possible. The JavaScript flaw was apparently used in the PWN-to-OWN competition to crack a MacBook Air.
The flaw in Firefox also affects the Thunderbird email client and the Seamonkey browser suite. No updated version has yet been released for either application. Firefox users are advised to install the update as soon as possible. The update is currently being distributed via the integrated update mechanism. Safari users are also advised to install the current version 3.1.1 as soon as possible; it is also being automatically distributed via Software Update.
See also:
- Mozilla Release notes for Firefox 2.0.0.14
- Crash in JavaScript garbage collector, security advisory by the Mozilla developers
- About the security content of Safari 3.1.1, overview of the flaws remedied in Safari 3.1.1
- Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability, security advisory by the Zero Day Initiative
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
