Mozilla Firefox, Thunderbird and SeaMonkey Vulnerabilities Overwhelm Online Security!

Date: June 17, 2009

logo-seamonkey-mozilla,M-R-3411-3.jpgAre you using Mozilla Firefox as your default web browser? Or do you prefer Thunderbird or SeaMonkey? If so, you should be extremely attentive! All the same, other users who are not using Mozilla Internet Suite products as their main browser, are suggested to turn their attention to this announcement as well. What I'm going to tell you is disappointing news with regards to online security.

Recently, I wrote an article about Mozilla Firefox. There I raised a rhetorical question: Is Mozilla Firefox really a safe browser? And if you could remember, the answer was based on a few Internet Security Threat reports saying that there is no "safe" browser. Therefore, one can never be certain that a web browsing software application is actually going to remain free from security flaws forever. Thus, it needs to be used safely. Some of the files of Mozilla Firefox may include but are not limited to the following: nsSessionStore.js, firefox.js, nsBrowserGlue.js and firefoxportable.exe.

Let me begin to inform you about the multiple vulnerabilities that were identified in Mozilla Firefox, SeaMonkey and Thunderbird. You may ask: What is the main impact of these multiple vulnerabilities? These vulnerabilities could be exploited by malicious people with the purpose of avoiding certain security restrictions, uncover sensitive information, cause a denial of service, conduct spoofing attacks or simply compromise a targeted system. Affected products were confirmed and include Mozilla Firefox versions before 3.0.11, Mozilla Thunderbird versions before 2.0.0.22 and Mozilla SeaMonkey versions before 1.1.17. One of the files related to Mozilla Thunderbird is: thunderbird.exe. The file related to Mozilla SeaMonkey goes by the name of: seamonkey.exe.

Each type of vulnerability is specified below for your perusal:

  • A race condition occurs while accessing the personal data of an NPObject JS wrapper class object. This may be done when navigating away from a web page while loading a Java applet. This could be exploited through a malicious web page to use freed memory. If this vulnerability is exploited successfully, it could enable attackers to execute arbitrary code. This vulnerability was discovered in Firefox 3.0.7, 3.0.8, and 3.0.9. Also, in  Windows with Java JRE 6 Update 13 which contain npjp2.dll version 6.0.130.3.
  • Multiple errors could be exploited in the browser engine, with the intentions of corrupting memory and possibly executing arbitrary code.
  • An unidentified error could be manipulated to enable double frame constructions, that could corrupt memory. Successful exploitation could possibly lead to the execution of arbitrary code.
  • Multiple errors in the JavaScript engine could be exploited to corrupt memory and possibly execute arbitrary code.
  • An error in dealing with certain incorrect unicode characters, if used as part of an IDN (internationalized domain name), could be exploited to spoof the location bar.
  • An error in the dealing with "file:" URIs could be exploited to access any domain's cookies saved on the local machine. A user is required by an attacker to download and open a manipulated HTML file for successful exploitation.
  • An error in the coping with non-200 responses after a CONNECT request to a proxy could be exploited to execute arbitrary HTML and script code in the requested SSL-protected domain.
  • The owner document of an element could become null after garbage collection. This could be exploited through event handlers to execute arbitrary Javascript code with chrome rights.
  • An error while loading a "file:" resource through the location bar could possibly be exploited to access the content of other local files, which would in most cases be secured. For successful exploitation, a victim is required to download a malicious document, and open a local file before opening the malicious document in the same browser window.
  • A security issue occurs because of incorrect checks of content-loading policies before external script files into XUL documents are loaded.
  • This Vulnerability emerged because of an error when a chrome privileged object (for instance, the browser sidebar or the FeedWriter) interacts with web content. This could be exploited to execute arbitrary code with the chrome rights of an object.

As we all can see, so many serious and scary vulnerabilities are turning on Mozilla Firefox, SeaMonkey and Thunderbird. What to do? How can you alleviate this security issue? Fortunately there is a solution for these terrible vulnerabilities. What you should do is update your installations. All Firefox users should upgrade to the updated packages listed below:

  1. Upgrade to Mozilla Firefox version 3.0.11;
  2. Upgrade to Mozilla SeaMonkey version 2.0.0.22;
  3. Upgrade to Mozilla Thunderbird version 1.1.17;   

It is essential for users to know that after installation of the updates, Firefox must be restarted for the changes to be visible. Also, JavaScript should be disabled until a version which includes this fix can be installed. Once the updates are complete, I hope you will enjoy using the amazing Mozilla products, securely.

 

Home Computer Security Mozilla Firefox, Thunderbird and SeaMonkey Vulnerabilities Overwhelm Online Security!

2 Comments

  • Rich says:

    You have the releases backwards in the table above. SeaMonkey will be going to 1.1.17 and Thunderbird to 2.0.0.22. But note that those updates have yet to be released! They will go out in the next few days.

  • Mr.X says:

    And thank you agian :)

Leave a Reply

What is 13 + 8 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math.