-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2502
           Multiple Mozilla Firefox vulnerabilities in IBM SONAS
                                 9 July 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Scale Out Network Attached Storage
Publisher:         IBM
Operating System:  Linux variants
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-11698 CVE-2019-11693 CVE-2019-11692 CVE-2019-11691
                   CVE-2019-9820 CVE-2019-9819 CVE-2019-9817 CVE-2019-9816
                   CVE-2019-9813 CVE-2019-9810 CVE-2019-9800 CVE-2019-7317

Original Bulletin:
   http://www.ibm.com/support/docview.wss?uid=ibm10956423
   http://www.ibm.com/support/docview.wss?uid=ibm10958005
   http://www.ibm.com/support/docview.wss?uid=ibm10958003

Comment: This bulletin contains three (3) IBM security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

Multiple Mozilla Firefox vulnerabilities in IBM SONAS

Product:             Scale Out Network Attached Storage
Component:           1.5
Operating system(s): Linux
Reference #:         0956423

Security Bulletin

Summary

There are security vulnerabilities in versions of Mozilla Firefox that are
shipped with versions 1.5.1.0 to 1.5.2.11 of IBM SONAS.

Vulnerability Details

IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain
versions of Mozilla Firefox shipped in certain versions of IBM SONAS. These
vulnerabilities concern the potential ability of a remote attacker to execute
arbitrary code on a vulnerable system or cause a denial of service.
CVEID: CVE-2019-9810
DESCRIPTION: Mozilla Firefox is vulnerable to a buffer overflow, caused by
incorrect alias information in the IonMonkey JIT compiler for the
Array.prototype.slice method. By persuading a victim to visit a
specially-crafted Web site, a remote attacker could overflow a buffer and
execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 8.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/158520 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-9813
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary
code on the system, caused by a type confusion when improperly handling
__proto__ mutations. By persuading a victim to visit a specially-crafted Web
site, a remote attacker could exploit this vulnerability using unknown attack
vectors to execute arbitrary code on the vulnerable system or cause a denial of
service.
CVSS Base Score: 8.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/158521 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM SONAS

The product is affected when running code releases 1.5.1.0 to 1.5.2.11.

Remediation/Fixes

A fix for these issues is in version 1.5.2.12 of IBM SONAS. Customers running
an affected version of IBM SONAS should upgrade to 1.5.2.12 or a later version,
so that the fix gets applied.

Workarounds and Mitigations

Workaround(s): Normal operation of IBM SONAS does not require or call for
customers to use Firefox to access the Internet. Although IBM recommends that
you install a level of IBM SONAS code with a fix, you can avoid these
vulnerabilities by not using Mozilla Firefox within your IBM SONAS system to
access the Internet.
Mitigation: None

- ---

Multiple Mozilla Firefox vulnerabilities in IBM SONAS

Product:             Scale Out Network Attached Storage
Component:           1.5
Operating system(s): Linux
Reference #:         0958005

Security Bulletin

Summary

There is a security vulnerability in versions of Mozilla Firefox that are
shipped with versions 1.5.1.0 to 1.5.2.11 of IBM SONAS.

Vulnerability Details

IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain
versions of Mozilla Firefox shipped in certain versions of IBM SONAS. These
vulnerabilities concern the potential ability of a remote attacker to execute
arbitrary code on a vulnerable system or cause a denial of service.

CVEID: CVE-2019-11692
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
use-after-free when listeners are removed from the event listener manager while
still in use. By persuading a victim to visit a specially-crafted Web site, a
remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161344 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-11691
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
use-after-free when working with XMLHttpRequest (XHR) in an event loop. By
persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161343 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-9819
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
JavaScript compartment mismatch while working with the fetch API.
By persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161340 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-9816
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary
code on the system, caused by a type confusion when manipulating JavaScript
objects in object groups. By persuading a victim to visit a specially-crafted
Web site, a remote attacker could exploit this vulnerability using unknown
attack vectors to execute arbitrary code on the vulnerable system or cause a
denial of service.
CVSS Base Score: 8.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161338 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-9817
DESCRIPTION: Mozilla Firefox could allow a remote attacker to obtain sensitive
information. By persuading a victim to visit a specially-crafted Web site, a
remote attacker could exploit this vulnerability using canvas to steal image
data from a different site.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161339 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)

CVEID: CVE-2019-9820
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
use-after-free in the chrome event handler. By persuading a victim to visit a
specially-crafted Web site, a remote attacker could exploit this vulnerability
to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161341 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-7317
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
use-after-free in the png_image_free function in the libpng library. By
persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161346 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID: CVE-2019-7317
DESCRIPTION: libpng is vulnerable to a denial of service, caused by a
use-after-free in png_image_free in png.c. By persuading a victim to open a
specially-crafted file, a remote attacker could exploit this vulnerability to
cause a denial of service.
CVSS Base Score: 3.3
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/156548 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID: CVE-2019-11693
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a
buffer overflow in the bufferdata function in WebGL. By persuading a victim to
visit a specially-crafted Web site, a remote attacker could exploit this
vulnerability to cause a denial of service.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161345 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM SONAS

The product is affected when running code releases 1.5.1.0 to 1.5.2.11.

Remediation/Fixes

A fix for these issues is in version 1.5.2.11 of IBM SONAS.
Customers running an affected version of IBM SONAS should upgrade to version
1.5.2.12, so that the fix gets applied.

Workarounds and Mitigations

Workaround(s): Normal operation of IBM SONAS does not require or call for
customers to use Firefox to access the Internet. Although IBM recommends that
you install a level of IBM SONAS code with a fix, you can avoid these
vulnerabilities by not using Mozilla Firefox within your IBM SONAS system to
access the Internet.

Mitigation: None

- ---

Multiple Mozilla Firefox vulnerabilities in IBM SONAS

Product:             Scale Out Network Attached Storage
Component:           1.5
Operating system(s): Linux
Reference #:         0958003

Security Bulletin

Summary

There is a security vulnerability in versions of Mozilla Firefox that are
shipped with versions 1.5.1.0 to 1.5.2.11 of IBM SONAS.

Vulnerability Details

IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain
versions of Mozilla Firefox shipped in certain versions of IBM SONAS. These
vulnerabilities concern the potential ability of a remote attacker to execute
arbitrary code on a vulnerable system or cause a denial of service.

CVEID: CVE-2019-9800
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary
code on the system, caused by memory safety bugs within the browser engine. By
persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability using unknown attack vectors to execute
arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 8.8
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161357 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID: CVE-2019-11698
DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass security
restrictions.
By persuading a victim to visit a specially-crafted Web site, a remote attacker
could exploit this vulnerability using drag and drop to steal user history
data.
CVSS Base Score: 6.5
CVSS Temporal Score: See
https://exchange.xforce.ibmcloud.com/vulnerabilities/161353 for the current
score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)

Affected Products and Versions

IBM SONAS

The product is affected when running code releases 1.5.1.0 to 1.5.2.11.

Remediation/Fixes

A fix for these issues is in version 1.5.2.11 of IBM SONAS. Customers running
an affected version of IBM SONAS should upgrade to version 1.5.2.12, so that
the fix gets applied.

Workarounds and Mitigations

Workaround(s): Normal operation of IBM SONAS does not require or call for
customers to use Firefox to access the Internet. Although IBM recommends that
you install a level of IBM SONAS code with a fix, you can avoid these
vulnerabilities by not using Mozilla Firefox within your IBM SONAS system to
access the Internet.

Mitigation: None

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures.
AusCERT takes no responsibility for consequences which may arise from
following or acting on information or advice contained in this security
bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXSQJlmaOgq3Tt24GAQjG6A//c6OfsxhRLpCpp+HRXqgdYqEwjI8S4/mi
2Mc58ooyYT2HkGto2AmqhE4ZckxItaBaTbR2TvzlCXwtnDRsp1FktjXLvfrbjD7P
LaeUCz/yIQSnB9lrd6EttZYSZpgmD6/oKmwQ+EogZS4WL8bWhn8jvJGdjlGsEr/t
rydmsrfHZt+Xq/cKcS907umOlgHYSC8ijTiy0l9MLwwXkCiWHW6lkb4zUZoH+dM1
b4L86h3RfqodsDEhHc98mMma3bJWv5oq2Rc9V5KKyPayPGB7gmPXvncMFV5khg2E
hZ3knuBFKKpX2R28tvjngxxBGCA3Qra4h63PLgPkHrX6kpaWcO04TtS5RP+3hMCJ
EmZeqmw09Sg74A40bQSK8EfSqUjG7PnwiL5DjFJq1nCtGtX8dptltuf9X/z1A4MD
FMI7QurRZyCMIjqO3BTZqyvZ3LA7nJ8La5PoZrPlKNmvgCvw6TinNo5EPxWcHOIl
cDG416pvZvONE2HLVBNX5e1EFDHUO1I4iXAYfrWkIlC9WC0HVW6I36AzS6VPIQqP
ZWqcDU9qYf3NsOMSrnfPiLzo2ZQP2Q+lVBxleHf/D6o5hlMkOqXgtwpUlwngwbdh
pdkvEdzmYIqqi2P78j+KzoQYPdPc2eBFHyTFHTKLKxLd3hvuEjX19L5+9sH83AX1
jO0MeNNffXw=
=GChe
-----END PGP SIGNATURE-----
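Every CVE entry in the bulletin above pairs a CVSS v3.0 vector with a base score (8.8, 6.5 or 3.3). When triaging a redistributed advisory it is worth checking that the published score actually follows from the vector, since the vector is what drives prioritisation. The Python below is an added example, not code from AusCERT or IBM: it implements the base-score equations from the CVSS v3.0 specification (metric weights, the Impact and Exploitability sub-scores and the Roundup function), parses the vectors printed in the bulletin, and reports any entry whose published score does not match. The ADVISORY_ENTRIES table is copied from the bulletin; the function and constant names are this example's own, and the Roundup helper uses the integer formulation from the v3.1 specification, which yields the same results as v3.0 for these vectors.

```python
"""CVSS v3.0 base-score calculator used to re-derive the scores in the bulletin.

Example code added for this page; it is not part of the AusCERT bulletin or
IBM's advisories.
"""
import re

# Metric weights from the CVSS v3.0 specification (base metric equations).
_AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}
_AC = {"L": 0.77, "H": 0.44}
_PR_UNCHANGED = {"N": 0.85, "L": 0.62, "H": 0.27}   # Scope: Unchanged
_PR_CHANGED = {"N": 0.85, "L": 0.68, "H": 0.50}     # Scope: Changed
_UI = {"N": 0.85, "R": 0.62}
_CIA = {"H": 0.56, "L": 0.22, "N": 0.0}

# Base vector as printed in advisories; surrounding parentheses are tolerated.
_VECTOR_RE = re.compile(
    r"^CVSS:3\.[01]/AV:([NALP])/AC:([LH])/PR:([NLH])/UI:([NR])/S:([UC])"
    r"/C:([HLN])/I:([HLN])/A:([HLN])$"
)


def roundup(x: float) -> float:
    """Smallest value with one decimal place that is >= x (the spec's Roundup).

    Works on an integer scaled by 100000 so that floating-point noise such as
    8.7000000001 does not get bumped to 8.8 by mistake (v3.1 formulation)."""
    scaled = round(x * 100000)
    if scaled % 10000 == 0:
        return scaled / 100000.0
    return (scaled // 10000 + 1) / 10.0


def parse_vector(vector: str) -> dict:
    """Split a CVSS 3.x base vector string into its eight metrics."""
    match = _VECTOR_RE.match(vector.strip().strip("()"))
    if not match:
        raise ValueError(f"not a CVSS 3.x base vector: {vector!r}")
    keys = ("AV", "AC", "PR", "UI", "S", "C", "I", "A")
    return dict(zip(keys, match.groups()))


def base_score(vector: str) -> float:
    """Compute the CVSS v3.0 base score for a vector string."""
    v = parse_vector(vector)
    scope_changed = v["S"] == "C"

    # Impact Sub-Score (ISS) and Impact, which depends on Scope.
    iss = 1 - (1 - _CIA[v["C"]]) * (1 - _CIA[v["I"]]) * (1 - _CIA[v["A"]])
    if scope_changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss

    # Exploitability; Privileges Required is weighted differently when Scope changes.
    pr = (_PR_CHANGED if scope_changed else _PR_UNCHANGED)[v["PR"]]
    exploitability = 8.22 * _AV[v["AV"]] * _AC[v["AC"]] * pr * _UI[v["UI"]]

    if impact <= 0:
        return 0.0
    if scope_changed:
        return roundup(min(1.08 * (impact + exploitability), 10))
    return roundup(min(impact + exploitability, 10))


# CVE -> (published base score, vector), copied from the bulletin above.
ADVISORY_ENTRIES = {
    "CVE-2019-9810": (8.8, "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"),
    "CVE-2019-11692": (6.5, "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"),
    "CVE-2019-9817": (6.5, "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"),
    "CVE-2019-11698": (6.5, "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"),
    # The libpng entry for CVE-2019-7317 (local vector, AV:L).
    "CVE-2019-7317": (3.3, "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"),
}


def find_mismatches(entries: dict) -> dict:
    """Return {cve: (published, computed)} for entries whose published base
    score does not match the score derived from their vector."""
    mismatches = {}
    for cve, (published, vector) in entries.items():
        computed = base_score(vector)
        if abs(computed - published) > 1e-9:
            mismatches[cve] = (published, computed)
    return mismatches


if __name__ == "__main__":
    for cve, (published, vector) in ADVISORY_ENTRIES.items():
        print(f"{cve}: published {published}, computed {base_score(vector)}")
    print("mismatches:", find_mismatches(ADVISORY_ENTRIES))
```

Running the block prints one line per entry and an empty mismatch dictionary, confirming that each score in the bulletin is consistent with its vector. The Scope: Changed branch is included so the same function can be applied to vectors from other advisories; the duplicated CVE-2019-7317 entries in the bulletin illustrate why this matters, since the same CVE carries a 6.5 network vector under Firefox and a 3.3 local vector under libpng.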