exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice 398-1

Ubuntu Security Notice 398-1
Posted Jan 4, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 398-1 - Various flaws have been reported in Firefox that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG.

tags | advisory, web, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506, CVE-2006-6507
SHA-256 | 15d3c364e56b1992b6a952f23a636caa2c94a3f156b9d3d98b7ef9066a2d1132

Ubuntu Security Notice 398-1

Change Mirror Download
=========================================================== 
Ubuntu Security Notice USN-398-1 January 02, 2007
firefox vulnerabilities
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501,
CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506,
CVE-2006-6507
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
firefox 2.0.0.1+0dfsg-0ubuntu0.6.10
firefox-dev 2.0.0.1+0dfsg-0ubuntu0.6.10
libnspr-dev 2.0.0.1+0dfsg-0ubuntu0.6.10
libnspr4 2.0.0.1+0dfsg-0ubuntu0.6.10
libnss-dev 2.0.0.1+0dfsg-0ubuntu0.6.10
libnss3 2.0.0.1+0dfsg-0ubuntu0.6.10

After a standard system upgrade you need to restart Firefox to effect
the necessary changes.

Details follow:

Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6504)

Various flaws have been reported that allow an attacker to bypass
Firefox's internal XSS protections by tricking the user into opening a
malicious web page containing JavaScript. (CVE-2006-6503,
CVE-2006-6507)

Jared Breland discovered that the "Feed Preview" feature could leak
referrer information to remote servers. (CVE-2006-6506)


Updated packages for Ubuntu 6.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10.diff.gz
Size/MD5: 322554 79c04227229a107f0c9d45049605bd48
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10.dsc
Size/MD5: 1218 6ce84b9960bdbb97c9ec6c3705653eae
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg.orig.tar.gz
Size/MD5: 46670638 1cb13be9a35205af63fe70eeff14eb0e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 236456 9ed7043d22624085cffc10dc7cde8f26
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55270 2f8fde2f2488af7750e65e886493cd13
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55362 eb1b5c963f64a784e053bdeee6537481
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55378 dd6516fe8c1798d617bcf95b4fbd21c4
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 56176 eae029799af7b101a55a9bfdffc88330

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 50310432 263fa952660d303d4320ac519836a1fb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 3119132 75d94b87d53efb786ffdf56ff6d6b075
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 89652 913420b9f378f322c1ca1b02037f2677
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 10387770 78104d3965f2bfbda5575574d9f755ba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 225036 ea87d34202b6d3223dbac099cf51c8df
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 167466 55bbefb531652d568f02438aeed10f1d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 250348 1bbc07d9af10768ac6656d927000abcd
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 861350 3fc1cbb4e1eb02995567cdec7b660bd2

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 49457428 a30d035ca9fd1819091c1c6b48d325b1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 3109488 e86991da3947ee093b840abd83cf07b2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 83386 77793d13bf5a26f0c43962ac5fbd186c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 9207840 8dcf11221cfef75bf7f51422dcf60dd7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 225046 90012c5f90396f6a5db7705b243e2521
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 156952 80817ef1fbd45ddfbdfdf75279275c34
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 250336 655f2f4a30dae71ec29bf96cfb7f0229
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 785180 131a2623fa95997b99085884204fd89a

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 51980774 4865d18b50b3a10dfd1b228e11ac0435
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 3115886 c6f8efcab8edfd7b83453ee041a24612
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 85272 b66da0f160a453b1f3ee18f5b1722e8d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 10056020 9102c8484c7c71186fd0b970a610e7e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 225038 4f83154583b4a058a123a3a8586ab0f2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 166288 6190cda57dbebe29c65c1ca97daba292
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 250334 b3f846f1dafbf1a990ab27df8258b9e1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 860068 d0f2e68e9d1ca8be8d9914e6fcdf1bff

sparc architecture (Sun SPARC/UltraSPARC)

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 49511534 d0e1bad8c05a69231dfee2db6b34b990
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 3106194 1adc42b08102dca85285244139d312da
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 83086 ef47b587d79afdce14ec47b2e13ce89c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 9485274 13146d26d590e4981281cf21957cfb61
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 225036 b72f082c255cd9510435cd0c0912a5bc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 155116 9d629deae12ea27812081b13bb0216ba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 250332 c3e90b969d3c3de2fe47c4942f8dc96f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 766060 a32f928bcb9a7cd2d601b2aafbec6bef

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close