Firefox update fixes critical security vulnerabilities
The Mozilla project is distributing version 2.0.0.13 of its popular open source Firefox browser. This release fixes several critical vulnerabilities that attackers could exploit to inject malicious code or fake page content.
A security vulnerability allows attackers to use crafted web pages to open a borderless popup from a background tab and place it in front of the user's active tab. This could be used to spoof form elements and phish for data such as login credentials. Attackers can also circumvent the cross-site request forgery (CSRF) protection used by some websites if the server-side protection relies solely on checking the referrer, because the HTTP referrer can be faked (MFSA-2008-16). The Mozilla browser may also reveal personal data if a user possesses a personal certificate, because the browser presents it automatically during SSL client authentication. According to security advisory MFSA-2008-17, after the update the browser asks the user before presenting the client certificate when a website requests it.
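The CSRF point above is worth seeing side by side. The following is an added example, not code from the article or from Mozilla: it shows a referrer-only CSRF check, which a forged Referer header passes, next to a synchronizer-token check, which does not depend on the header at all. The host shop.example, the session secret, the form name and the two sample requests are all constructed for the illustration.

```python
import hmac
import hashlib
from urllib.parse import urlparse

# Constructed values for this example: the site's own host and a per-session
# secret that a real server would generate with secrets.token_bytes().
SITE_HOST = "shop.example"
SESSION_SECRET = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")


def referer_only_check(headers):
    """Weak defence: accept the request when the Referer header names our host.

    This is the pattern the advisory warns about: a client that can forge the
    Referer header passes this check without ever having loaded the real form.
    """
    referer = headers.get("Referer", "")
    return urlparse(referer).hostname == SITE_HOST


def issue_csrf_token(session_secret, form_id):
    """Synchronizer token derived from the session secret and the form name.

    The server embeds this value in the form as a hidden field. A cross-site
    page cannot read the victim's form, so it cannot learn the token.
    """
    return hmac.new(session_secret, form_id.encode(), hashlib.sha256).hexdigest()


def token_check(session_secret, form_id, submitted_token):
    """Hardened defence: the submitted token must match the session-bound one."""
    expected = issue_csrf_token(session_secret, form_id)
    return hmac.compare_digest(expected.encode(), (submitted_token or "").encode())


def hardened_check(request, session_secret, form_id):
    """The token is the real control. A Referer that names a foreign host is
    rejected as defence in depth, but an absent Referer is tolerated because
    privacy tools routinely strip it."""
    if not token_check(session_secret, form_id, request["form"].get("csrf_token")):
        return False
    referer = request["headers"].get("Referer")
    return referer is None or urlparse(referer).hostname == SITE_HOST


# Constructed sample requests to a hypothetical "transfer" form.
# 1) A genuine submission from the site's own page, carrying the token.
LEGIT_REQUEST = {
    "headers": {"Referer": "https://shop.example/account"},
    "form": {"amount": "10",
             "csrf_token": issue_csrf_token(SESSION_SECRET, "transfer")},
}
# 2) A cross-site submission whose Referer was forged to look like our host;
#    no token is present because the attacker never saw the victim's form.
FORGED_REQUEST = {
    "headers": {"Referer": "https://shop.example/account"},
    "form": {"amount": "10000"},
}


def compare_defences(request, session_secret=SESSION_SECRET, form_id="transfer"):
    """Return (referer_only_result, hardened_result) for one request."""
    return (referer_only_check(request["headers"]),
            hardened_check(request, session_secret, form_id))


if __name__ == "__main__":
    for name, req in (("legit", LEGIT_REQUEST), ("forged", FORGED_REQUEST)):
        ref_ok, tok_ok = compare_defences(req)
        print(f"{name}: referer-only accepts={ref_ok}, token check accepts={tok_ok}")
```

The referrer-only check accepts both requests, since the forged one carries exactly the header it looks for; the token check rejects the forged request because the token is bound to the victim's session and form and is never visible to a cross-site page.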
Most of the security vulnerabilities also affect the Thunderbird mail client and the SeaMonkey browser suite. The security advisories refer to Thunderbird version 2.0.0.13 and SeaMonkey 1.1.9, in which these bugs should be fixed. These versions are not yet, however, being distributed automatically. Firefox users should install the update without delay, as the vulnerabilities can be exploited by crafted web pages to inject trojans.
- Fixed in Firefox 2.0.0.13, overview of the security vulnerabilities fixed by the Mozilla development team
- Crashes with evidence of memory corruption (rv:1.8.1.13), security advisory from the Mozilla development team
- HTTP Referrer spoofing with malformed URLs, security advisory from the Mozilla development team
- Privacy issue with SSL Client Authentication, security advisory from the Mozilla development team
- Java socket connection to any local port via LiveConnect, security advisory from the Mozilla development team
- XUL popup spoofing variant (cross-tab popups), security advisory from the Mozilla development team