openSUSE-SU-2015:2380-1

Published: 28 Dec 2015
Source: suse-cvrf

Description

Security update for xulrunner

Xulrunner was updated to 38.5.0 to fix several security issues.

The following vulnerabilities were fixed (boo#959277):

  • CVE-2015-7201: Miscellaneous memory safety hazards
  • CVE-2015-7210: Use-after-free in WebRTC when datachannel is used after being destroyed
  • CVE-2015-7212: Integer overflow allocating extremely large textures
  • CVE-2015-7205: Underflow through code inspection
  • CVE-2015-7213: Integer overflow in MP4 playback in 64-bit versions
  • CVE-2015-7222: Integer underflow and buffer overflow processing MP4 metadata in libstagefright
  • CVE-2015-7214: Cross-site reading attack through data and view-source URIs

Package list

openSUSE Leap 42.1
xulrunner-38.5.0-7.1
xulrunner-32bit-38.5.0-7.1
xulrunner-devel-38.5.0-7.1

Description

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a crafted WebRTC RTP packet.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requires a large texture allocation.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References

Description

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.


Affected products
openSUSE Leap 42.1:xulrunner-32bit-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-38.5.0-7.1
openSUSE Leap 42.1:xulrunner-devel-38.5.0-7.1

References