-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
                         AUSCERT Security Bulletin

                              ASB-2011.0122.2
                 Mozilla Firefox: Multiple vulnerabilities
                             23 December 2011

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Mozilla Firefox
                      Mozilla Thunderbird
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Denial of Service               -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2011-3663 CVE-2011-3661 CVE-2011-3658
                      CVE-2011-3664 CVE-2011-3666 CVE-2011-3665
                      CVE-2011-3660  
Member content until: Friday, January 20 2012

Revision History:     December 23 2011: CVE numbers assigned to bugs and included Thunderbird
                      December 21 2011: Initial Release

OVERVIEW

        Multiple vulnerabilities have been found in Firefox web browser.  
        These range from 'application crash' to 'execution of arbitrary code'. 
        These issues are fixed in the most recent version 9.0. [8]


IMPACT

        
        It has been found that there are several security issues in versions of 
        Firefox prior to 9.0.  These allow memory corruption, execution of remote 
        code and possible access to some Java events even while JavaScript was 
        disabled. [1] [2] [3] [4] [5] [6]
        
        Vulnerabilities mfsa2011-53 [1] and mfsa2011-55 [3] can cause 
        out-of-bounds memory access, possibly leading to execution of remote 
        code.
        
        Vulnerabilities mfsa2011-54 [2] and mfsa2011-58 [6] can lead to an 
        application crash.
        
        Vulnerability mfsa2011-56 [4] allows access to the JavaScript 
        'accesskey' events, possibly leading to key stroke logging.  It is 
        important to note that this can occur even when JavaScript is 
        disabled. This is similar to [7].
        
        Vulnerability mfsa2011-57 [5] is triggered by a plug-in 'deleting its 
        containing DOM frame during a call from that frame'.  This causes an 
        application crash but could be used to execute arbitrary code.


MITIGATION

        These issues are corrected in the 9.0 release of Mozilla Firefox.  
        Users of previous versions are recommended to upgrade to the 9.0 
        version. [8]


REFERENCES

        [1] mfsa2011-53
            http://www.mozilla.org/security/announce/2011/mfsa2011-53.html

        [2] mfsa2011-54
            http://www.mozilla.org/security/announce/2011/mfsa2011-54.html

        [3] mfsa2011-55
            http://www.mozilla.org/security/announce/2011/mfsa2011-55.html

        [4] mfsa2011-56
            http://www.mozilla.org/security/announce/2011/mfsa2011-56.html

        [5] mfsa2011-57
            http://www.mozilla.org/security/announce/2011/mfsa2011-57.html

        [6] mfsa2011-58
            http://www.mozilla.org/security/announce/2011/mfsa2011-58.html

        [7] mfsa2011-59
            http://www.mozilla.org/security/announce/2011/mfsa2011-59.html

        [8] Firefox 9.0 download.
            http://www.mozilla.org/en-US/firefox/new/

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBTvO2n+4yVqjM2NGpAQL7DxAApLtGOM/Aeqe9gza/pw5uxcbgiAR1Ehrm
rFHkGtLrii++GvzS2P5RdetgzYgMTWHUMx/LZsXfhGPHIe28nQ0X2DiqGxVmhW54
HlnvkouMc/8VAliiUS841PJJixEri5b3l9m/5aTPDNS6k4UU0UKO+7Xx5ClCbNat
4CxEVrXSMoJFX8Och63L8rFuGAWZGfeZTu8EPEaUKX9Vb0s3/EYekThpUSrLDe3t
sx7RMQTFeLAqGccc4kj8tYTUGtuFFH6y+UA7VSnSDXlOe8hhD8OdF4s+SRrvgelx
NMpjs2ozE/xg8esiEmiS36UHkb+xYa6olSc7qXSJxrjeG7xg9BejH0A8KdqxQss9
8tvGUZ+rCDZwR86SA5B6+oJj7qaqR7L+lhY3Gr+EeVhGrYFXfv9ShDKcznnVQCQB
eypivM67MDcdLNj76jWP4B8S90yRvDa9X7FyjsvF+R+gFb0h5tqOYadt0KsVfuaC
ej7aGnX2e5Gqdu4dTBYSpvUaTOCHZUf41UjmBOTX7emGPTshTNRcU8WPieMI8Ybw
t3D1e9mgNHKbNMdPVhr5oGozb79nFNYDZW2TPejWmOL7mJrvBC+1HM/mF/D5HURw
O0ee8y34MDi7OTlGd6LTJifRCr8QD6H94IOO6DZSC4SLCleT4og6hOh7csRA4h+U
SPfFtOF2WNc=
=+8nw
-----END PGP SIGNATURE-----