Package: xulrunner
Version: 1.9.1.6-1
Severity: serious
Tags: security

Hi,

the following CVE (Common Vulnerabilities & Exposures) ids were
published for xulrunner.
CVE-2009-1597[0]:
| Mozilla Firefox executes DOM calls in response to a javascript: URI in
| the target attribute of a submit element within a form contained in an
| inline PDF file, which might allow remote attackers to bypass intended
| Adobe Acrobat JavaScript restrictions on accessing the document
| object, as demonstrated by a web site that permits PDF uploads by
| untrusted users, and therefore has a shared document.domain between
| the web site and this javascript: URI. NOTE: the researcher reports
| that Adobe's position is "a PDF file is active content."

CVE-2009-2061[1]:
| Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response
| before a successful SSL handshake, which allows man-in-the-middle
| attackers to execute arbitrary web script, in an https site's context,
| by modifying this CONNECT response to specify a 302 redirect to an
| arbitrary https web site.

CVE-2009-2065[2]:
| Mozilla Firefox 3.0.10, and possibly other versions, detects http
| content in https web pages only when the top-level frame uses https,
| which allows man-in-the-middle attackers to execute arbitrary web
| script, in an https site's context, by modifying an http page to
| include an https iframe that references a script file on an http site,
| related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

CVE-2009-4129[3]:
| Race condition in Mozilla Firefox allows remote attackers to produce a
| JavaScript message with a spoofed domain association by writing the
| message in between the document request and document load for a web
| page in a different domain.

CVE-2009-4129[4]:
| Race condition in Mozilla Firefox allows remote attackers to produce a
| JavaScript message with a spoofed domain association by writing the
| message in between the document request and document load for a web
| page in a different domain.

If you fix the vulnerabilities please also make sure to include the
CVE ids in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1597
    http://security-tracker.debian.org/tracker/CVE-2009-1597
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2061
    http://security-tracker.debian.org/tracker/CVE-2009-2061
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2065
    http://security-tracker.debian.org/tracker/CVE-2009-2065
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4129
    http://security-tracker.debian.org/tracker/CVE-2009-4129
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4129
    http://security-tracker.debian.org/tracker/CVE-2009-4129
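The CONNECT handling that CVE-2009-2061 describes comes down to one rule: when a proxy answers a CONNECT request, the client has not yet completed the TLS handshake with the origin, so nothing in that reply (a 3xx status and its Location header included) can be trusted to redirect the navigation. The following is an added illustration, not code from this bug report or from Mozilla; the function names, the parser and the two sample proxy replies are constructed for it. It accepts only a 2xx reply as permission to start the handshake and treats every other status, redirects included, as a refused tunnel.

```python
"""Validate an HTTP proxy's reply to CONNECT before starting TLS.

Added example for the rule behind CVE-2009-2061 (not the bug report's
or Mozilla's code).  The origin has not been authenticated when the
CONNECT reply arrives, so a 3xx in that reply must never be followed;
only a 2xx opens the tunnel.  Names and sample replies are constructed.
"""
from typing import Dict, NamedTuple


class ConnectReply(NamedTuple):
    status: int
    reason: str
    headers: Dict[str, str]


class TunnelRefused(Exception):
    """The CONNECT reply does not permit opening a tunnel; close the socket."""


def parse_connect_reply(raw: bytes) -> ConnectReply:
    """Parse the status line and headers of a proxy's CONNECT reply."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/"):
        raise TunnelRefused("malformed CONNECT status line")
    try:
        status = int(parts[1])
    except ValueError:
        raise TunnelRefused("malformed CONNECT status code") from None
    reason = parts[2] if len(parts) == 3 else ""
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return ConnectReply(status, reason, headers)


def tunnel_established(raw: bytes) -> bool:
    """Return True only when the reply permits starting the TLS handshake.

    A 3xx is reported separately so the caller can log it, but its
    Location is never acted on: the redirect target was not supplied by
    the authenticated https origin, so following it would load content
    in that origin's context from an unverified network position.
    """
    reply = parse_connect_reply(raw)
    if 200 <= reply.status < 300:
        return True
    if 300 <= reply.status < 400:
        raise TunnelRefused(
            f"proxy answered CONNECT with {reply.status}; not following "
            f"Location {reply.headers.get('location', '<none>')!r} before TLS"
        )
    raise TunnelRefused(f"proxy refused tunnel: {reply.status} {reply.reason}")


# Constructed sample replies (not captured traffic).
GOOD_REPLY = b"HTTP/1.1 200 Connection established\r\n\r\n"
REDIRECT_REPLY = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: https://other.example/\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    print("200 reply opens tunnel:", tunnel_established(GOOD_REPLY))
    try:
        tunnel_established(REDIRECT_REPLY)
    except TunnelRefused as exc:
        print("302 reply refused:", exc)
```

The parser is deliberately strict: a malformed status line is a refusal too, because a client that guesses its way past a bad reply ends up in the same position as one that follows the redirect.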
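CVE-2009-2065 is a scoping error in mixed-content detection: checking only whether the top-level frame is https misses an http script loaded by an https iframe sitting under an http top frame. The following is an added illustration, not code from this bug report or from Mozilla, with constructed frame chains and URLs. It places the pre-fix rule (top frame only) beside a check that walks every frame from the loading document up to the top, so that any https ancestor makes an http script load mixed content.

```python
"""Mixed-content check over the whole frame ancestry.

Added example for the rule behind CVE-2009-2065 (not the bug report's
or Mozilla's code).  An http resource is mixed content if the loading
frame or ANY of its ancestors is https, not only the top-level frame.
Frame chains and URLs below are constructed for the example.
"""
from typing import List, Optional
from urllib.parse import urlsplit


def is_https(url: str) -> bool:
    return urlsplit(url).scheme.lower() == "https"


def mixed_top_frame_only(frame_chain: List[str], resource_url: str) -> bool:
    """The pre-fix behaviour the CVE describes: only frame_chain[0] is inspected.

    frame_chain lists document URLs from the top-level frame down to the
    frame that issues the load.
    """
    if is_https(resource_url):
        return False
    return is_https(frame_chain[0])


def first_https_ancestor(frame_chain: List[str], resource_url: str) -> Optional[str]:
    """Return the https document that makes this load mixed content, or None.

    Walks from the loading frame upward so the nearest secure context is
    reported; an https resource is never mixed content.
    """
    if is_https(resource_url):
        return None
    for doc_url in reversed(frame_chain):
        if is_https(doc_url):
            return doc_url
    return None


def mixed_any_frame(frame_chain: List[str], resource_url: str) -> bool:
    """Corrected check: any https frame in the chain makes an http load mixed."""
    return first_https_ancestor(frame_chain, resource_url) is not None


# Constructed scenario matching the CVE text: http top page, https iframe,
# http script requested by the iframe.
HPIHSL_CHAIN = [
    "http://site.example/page",            # top-level frame (http)
    "https://site.example/secure-frame",   # iframe (https)
]
HTTP_SCRIPT = "http://site.example/widget.js"

if __name__ == "__main__":
    print("top-frame-only check flags it:", mixed_top_frame_only(HPIHSL_CHAIN, HTTP_SCRIPT))
    print("whole-chain check flags it:   ", mixed_any_frame(HPIHSL_CHAIN, HTTP_SCRIPT))
    print("blamed https context:         ", first_https_ancestor(HPIHSL_CHAIN, HTTP_SCRIPT))
```

The function returns the https document responsible rather than a bare boolean so that a blocking decision can name the secure context whose guarantees the load would weaken.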