Security Bytes: Firefox fixes multiple flaws

In other news, Microsoft investigates a new Windows flaw; a college loan firm reports missing data on 1.3 million borrowers; and F-Secure patches Web console flaw.

Firefox fixes multiple flaws
Mozilla has fixed 13 flaws affecting Firefox, SeaMonkey and Thunderbird. Attackers could exploit the vulnerabilities to take complete control of affected systems, bypass security restrictions, disclose sensitive information and launch arbitrary scripting code, the French Security Incident Response Team (FrSIRT) said in an advisory.

The 13 flaws include:

  • Memory corruption errors when handling malformed HTML or JavaScript code, which malicious Web sites could exploit to crash a vulnerable application or execute arbitrary commands.
  • Errors when handling HTTP headers received through certain proxy servers, which attackers could exploit to conduct HTTP response smuggling attacks.
  • An error when processing broken images accessed via the "View Image" feature, which malicious Web sites could exploit to conduct cross-site scripting attacks.
  • An error where content-defined setters on an object prototype are called by privileged UI code, which attackers could exploit to compromise a vulnerable system.
  • An error when handling a specially crafted text input box, which malicious Web sites could exploit to gain access to arbitrary files on a vulnerable system.

    The flaws affect:

  • Firefox versions prior to
  • Thunderbird versions prior to
  • SeaMonkey versions prior to 1.0.2

    Users are advised to upgrade to Firefox, Thunderbird, and SeaMonkey 1.0.2.

    Microsoft investigates Windows flaw
    Attackers could exploit a new flaw in Microsoft Windows to cause a denial of service, Danish vulnerability clearinghouse Secunia said in an advisory.

    "The vulnerability is caused due to a boundary error in inetcomm.dll within the processing of URLs with the "mhtml:" URI handler," Secunia said. "This can be exploited to cause a stack-based buffer overflow via an overly long URL by tricking a user into visiting a malicious Web site with Internet Explorer or opening a specially crafted Internet shortcut."

    Secunia said successful exploitation crashes the application using the vulnerable library. The firm has confirmed the vulnerability on a fully patched system with Microsoft Windows XP SP2 and Microsoft Windows 2003 Server.

    Secunia said the threat can be mitigated by disabling the "mhtml:" URI handler, though this may affect functionality.

    Microsoft is investigating the flaw, according to published reports.

    Data on 1.3 million people compromised
    Student loan company Texas Guaranteed (TG) said personal data on 1.3 million borrowers may have been compromised after an employee from Hummingbird, a company TG uses to prepare a document management system, lost a piece of equipment containing the borrowers' names and Social Security numbers.

    In a statement on its Web site, TG said the employee lost the data May 24, and that Hummingbird notified TG May 26. The non-profit organization never states just what type of equipment -- be it a laptop, server, PDA or other device -- went missing, nor how the loss occurred.

    "Even though this information is not easily accessed and used, and even though the loss appears to be inadvertent, we are issuing this release out of an abundance of caution, because the piece of equipment has not been located," Sue McMillin, TG's president and CEO, said in the statement. "No personally identifiable information other than names and Social Security numbers were included on the piece of equipment."

    She said letters will be mailed to individuals who were directly affected, with information about their records and recommendations on how to protect themselves from identity theft. A toll-free information call center will also be open Monday through Friday from 8 a.m. to 7 p.m. CT at (800) 530-0626.

    F-Secure fixes buffer overflow flaw
    Finnish antivirus firm F-Secure Corp. has fixed a buffer overflow flaw in the Web console of F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper.

    The high-risk buffer overflow occurs in the Web console before authentication takes place, F-Secure said, adding that the overflow may crash the Web console process and leave the product running without console access. By default, the connections are only allowed from the local host.

    "It may be possible to execute arbitrary code with this vulnerability," F-Secure said in its Web site advisory. "There are no known exploits for this, currently."

    The advisory outlines the appropriate hotfix users can apply to solve the problem.

  • Read more on Operating systems software