firefox-3.6.20-2.0.1.AXS3, xulrunner-1.9.2.20-2.0.1.AXS3

Errata ID: AXSA:2011-299:05

Release date: 
Tuesday, September 13, 2011 - 13:21
Subject: 
firefox-3.6.20-2.0.1.AXS3, xulrunner-1.9.2.20-2.0.1.AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
XULRunner provides the XUL Runtime environment for Gecko applications.
Security issues fixed with this release:
CVE-2011-0084
The SVGTextElement.getCharNumAtPosition function in Mozilla Firefox before 3.6.20, and 4.x through 5; Thunderbird 3.x before 3.1.12 and other versions before 6; SeaMonkey 2.x before 2.3; and possibly other products does not properly handle SVG text, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a dangling pointer.
CVE-2011-2378
The appendChild function in Mozilla Firefox before 3.6.20, Thunderbird 3.x before 3.1.12, SeaMonkey 2.x, and possibly other products does not properly handle DOM objects, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to dereferencing of a dangling pointer.
CVE-2011-2981
The event-management implementation in Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products does not properly select the context for script to run in, which allows remote attackers to bypass the Same Origin Policy or execute arbitrary JavaScript code with chrome privileges via a crafted web site.
CVE-2011-2982
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2011-2983
Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products do not properly handle the RegExp.input property, which allows remote attackers to bypass the Same Origin Policy and read data from a different domain via a crafted web site, possibly related to a use-after-free.
CVE-2011-2984
Mozilla Firefox before 3.6.20, SeaMonkey 2.x, Thunderbird 3.x before 3.1.12, and possibly other products do not properly handle the dropping of a tab element, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by establishing a content area and registering for drop events.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. firefox-3.6.20-2.0.1.AXS3.i386.rpm
    MD5: 09187e2be562364a0b9acb18530c3b5b
    SHA-256: 80ec6faff9b042bf1dd2e819e2f24c7b3c9043f3cd58ce8f5153f1647a186772
    Size: 14.66 MB
  2. xulrunner-1.9.2.20-2.0.1.AXS3.i386.rpm
    MD5: 51bd3276909d03217078fa548b5d3a9a
    SHA-256: f1e051ffec7b7cfb5e2d84af168cb07424a242eeb353963a3c724508de498525
    Size: 11.65 MB

Asianux Server 3 for x86_64
  1. firefox-3.6.20-2.0.1.AXS3.x86_64.rpm
    MD5: 4fae08d74fa2faa7fb2c68a1cb7fac59
    SHA-256: 4b5a0f69c1d0727277b03d8f487759b73ed1e748cf7f219b0fad14444a2f12b9
    Size: 14.66 MB
  2. xulrunner-1.9.2.20-2.0.1.AXS3.x86_64.rpm
    MD5: d4ed77c6015acfa1dbef820cca21789c
    SHA-256: bc70a201b57c3bdf14a7f947b5c8819ca12796a195132f686f0d297c83e70286
    Size: 11.08 MB