{"id":"MGASA-2015-0234","summary":"Updated Firefox, Thunderbird & sqlite3 packages fix security vulnerabilities","details":"Updated firefox, thunderbird, and sqlite3 packages fix security\nvulnerabilities:\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox or Thunderbird to\ncrash or, potentially, execute arbitrary code with the privileges of the\nuser running it (CVE-2015-2708, CVE-2015-2710, CVE-2015-2713).\n\nA heap-based buffer overflow flaw was found in the way Firefox and\nThunderbird processed compressed XML data. An attacker could create\nspecially crafted compressed XML content that, when processed by Firefox\nor Thunderbird, could cause it to crash or execute arbitrary code with the\nprivileges of the user running it (CVE-2015-2716).\n\nSQLite before 3.8.9 does not properly implement the dequoting of\ncollation-sequence names, which allows context-dependent attackers to\ncause a denial of service (uninitialized memory access and application\ncrash) or possibly have unspecified other impact via a crafted COLLATE\nclause, as demonstrated by COLLATE at the end of a SELECT statement\n(CVE-2015-3414).\n\nThe sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9\ndoes not properly implement comparison operators, which allows\ncontext-dependent attackers to cause a denial of service (invalid\nfree operation) or possibly have unspecified other impact via a\ncrafted CHECK clause, as demonstrated by CHECK(0&O\u003eO) in a CREATE\nTABLE statement (CVE-2015-3415).\n\nThe sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does\nnot properly handle precision and width values during floating-point\nconversions, which allows context-dependent attackers to cause a\ndenial of service (integer overflow and stack-based buffer overflow)\nor possibly have unspecified other impact via large integers in a\ncrafted printf function call in a SELECT statement (CVE-2015-3416).\n\nThe sqlite3 package has been updated to version 3.10.8, fixing the\nCVE-2015-3414, CVE-2015-3415, and CVE-2015-3416 security issues, also\nfixing heap overflow and other possible issues found by fuzzing, as well\nas containing many other bug fixes and enhancements.\n\nThe nss package has been updated to version 3.19, containing multiple root\ncertificate updates, security enhancements, and other bug fixes.\n","modified":"2026-04-16T06:23:06.033292946Z","published":"2015-05-18T19:08:05Z","upstream":["CVE-2015-2708","CVE-2015-2710","CVE-2015-2713","CVE-2015-2716","CVE-2015-3414","CVE-2015-3415","CVE-2015-3416"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0234.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15920"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-46/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-48/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-51/"},{"type":"ADVISORY","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-54/"},{"type":"WEB","url":"https://sqlite.org/changes.html"},{"type":"WEB","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.18.1_release_notes"},{"type":"WEB","url":"https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19_release_notes"},{"type":"WEB","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/"},{"type":"WEB","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/"},{"type":"ADVISORY","url":"http://www.mandriva.com/en/support/security/advisories/mbs2/MDVSA-2015%3A217/"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2015/05/12/7"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2015-0988.html"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2015-1012.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15756"}],"affected":[{"package":{"name":"sqlite3","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/sqlite3?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.8.10.1-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"rootcerts","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/rootcerts?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20150420.00-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"nss","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.19.0-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"firefox","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"31.7.0-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"31.7.0-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"thunderbird","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/thunderbird?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"31.7.0-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}},{"package":{"name":"thunderbird-l10n","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/thunderbird-l10n?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"31.7.0-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0234.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}