IBM Support

Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS (CVE-2014-1574, CVE-2014-1576, CVE-2014-1577, CVE-2014-1578, CVE-2014-1581, CVE-2014-1583, CVE-2014-1587, CVE-2014-1588, and 11 more)

Security Bulletin


Summary

There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.3.0.0 to 1.5.1.0 of SONAS

Vulnerability Details


IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of IBM SONAS. This vulnerability concerns the potential ability of a remote attacker to execute arbitrary code on a vulnerable system or cause a denial of service.

CVEID: CVE-2014-1574
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97001 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1576
DESCRIPTION: Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the nsTransformedTextRun() function when making capitalization style changes during CSS parsing. By using unknown attack vectors, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97003 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1577
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in mozilla::dom::OscillatorNodeEngine::ComputeCustom() in Web Audio when interacting with custom waveforms with invalid values. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97004 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1578
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by an out-of-bounds write error in get_tile() when buffering WebM format video containing frames with invalid tile sizes. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 7.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97005 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)


CVEID: CVE-2014-1581
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free during text layout. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97011 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1583
DESCRIPTION: Mozilla Firefox could allow a remote attacker to bypass cross-domain security restrictions. By invoking the AlarmAPI, an attacker could bypass same-origin policy restrictions to read the values of cross-origin references in the alarm's JSON data.
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/97012 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:P/A:N)


CVEID: CVE-2014-1587
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/99059 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1588
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.300
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99060 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-1590
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by an error when passing a JavaScript object to XMLHttpRequest. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/99062 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)


CVEID: CVE-2014-1592
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free while parsing HTML5 written to a document. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/99064 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)


CVEID: CVE-2014-1593
DESCRIPTION: Mozilla Firefox is vulnerable to a buffer overflow, caused by improper bounds checking when parsing media content. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/99065 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-8634
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99955 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2014-8638
DESCRIPTION: Mozilla Firefox is vulnerable to cross-site request forgery, caused by the failure to follow the cross-origin resource sharing (CORS) specification by the navigator.sendBeacon() function. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base Score: 4.3
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99958 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)


CVEID: CVE-2014-8639
DESCRIPTION: Mozilla Firefox could allow a remote attacker to hijack a valid user's session, caused by the returning of a 407 Proxy Authentication response with a Set-Cookie header by a Web Proxy. By persuading a victim to visit a specially-crafted link and log into the application, a remote attacker could exploit this vulnerability to inject cookies into the originally requested domain and hijack another user's account.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/99959 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)


CVEID: CVE-2014-8641
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a read-after-free in WebRTC . An attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 5.0
CVSS Temporal Score: http://xforce.iss.net/xforce/xfdb/99961 for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)


CVEID: CVE-2015-0822
DESCRIPTION: Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by an error in the form autocomplete function. By manipulating the autocomplete feature, an attacker could exploit this vulnerability to upload a local file to a known location and obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/101104 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)


CVEID: CVE-2015-0827
DESCRIPTION: Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mozilla::gfx::CopyRect() function when rendering the SVG content. A remote attacker could overflow a buffer and probably read the uninitialized memory.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/101080 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


CVEID: CVE-2015-0831
DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by a use-after-free in IndexedDB. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/101083 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)


CVEID: CVE-2015-0836
DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the browser engine. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using unknown attack vectors to execute arbitrary code on the vulnerable system or cause a denial of service.
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/101093 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Affected Products and Versions


IBM SONAS

All products are affected when running code releases 1.3, 1.4 and 1.5 except for version 1.5.2.0 and above

Remediation/Fixes


A fix for these issues is in version 1.5.2.0 of IBM SONAS. Customers running an affected version of IBM SONAS should upgrade to 1.5.2.0 or a later version, so that the fix gets applied.

Please contact IBM support for assistance in upgrading your system.

Workarounds and Mitigations

Workaround(s) :
Normal operation of IBM SONAS does not require or call for customers to use Firefox to access the Internet. Although IBM recommends that you install a level of IBM SONAS code with a fix, you can avoid these vulnerabilities by not using Mozilla Firefox within your IBM SONAS system to access the Internet.

Get Notified about Future Security Bulletins

References

Off

Change History


7 April 2015: First draft
20 April 2015: Final version

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Internal Use Only

CQ S1057880 - [PSIRT 2321] IBM product record 45764 for SONAS and 45765 for IFS - Open Source Mozilla Firefox , Firefox ESR vulnerability - Reported in 10/14/2014 X-Force Report
CQ S1058306 - [PSIRT 2597] IBM product record 47698 for SONAS and 47697 for IFS - Open Source Mozilla Firefox vulnerability - Reported in 12/02/2014 X-Force Report
CQ S1058515 - [PSIRT 2761] Open Source Mozilla Firefox vulnerability - record 49269 for Unified 49267 for SONAS
CQ S1058723 - [PSIRT 2889] [PSIRT 2889] IBM product record 50122 for IFS and 50123 for SONAS - [RHSA-2015:0265-01] Critical: firefox security update

[{"Product":{"code":"STAV45","label":"Scale Out Network Attached Storage"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"1.5.1","Platform":[{"code":"PF016","label":"Linux"}],"Version":"1.3;1.4;1.5","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
17 June 2018

UID

ssg1S1005151