{"id":"MGASA-2016-0105","summary":"Updated firefox packages fix security vulnerabilities","details":"Updated nss and firefox packages fix security vulnerabilities:\n\nSecurity researcher SkyLined reported a use-after-free issue in how audio is\nhandled through the Web Audio API during MediaStream playback through\ninteractions with the Web Audio API. This results in a potentially\nexploitable crash (CVE-2015-4477).\n\nSecurity researcher cgvwzq reported that it is possible to read cross-origin\nURLs following a redirect if performance.getEntries() is used along with an\niframe to host a page. Navigating back in history through script, content is\npulled from the browser cache for the redirected location instead of going\nto the original location. This is a same-origin policy violation and could\nallow for data theft (CVE-2015-7207).\n\nA heap-based buffer overflow flaw was found in the way NSS parsed certain\nASN.1 structures. An attacker could use this flaw to create a specially\ncrafted certificate which, when parsed by NSS, could cause it to crash, or\nexecute arbitrary code, using the permissions of the user running an\napplication compiled against the NSS library (CVE-2016-1950).\n\nMozilla developer Tim Taubert used the Address Sanitizer tool and software\nfuzzing to discover a use-after-free vulnerability while processing DER\nencoded keys in the Network Security Services (NSS) libraries. The\nvulnerability overwrites the freed memory with zeroes (CVE-2016-1979).\n\nSeveral flaws were found in the processing of malformed web content. A web\npage containing malicious content could cause Firefox to crash or,\npotentially, execute arbitrary code with the privileges of the user running\nFirefox (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958,\nCVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1974, CVE-2016-1964,\nCVE-2016-1965, CVE-2016-1966).\n\nMultiple security flaws were found in the graphite2 font library shipped\nwith Firefox. A web page containing malicious content could cause Firefox\nto crash or, potentially, execute arbitrary code with the privileges of the\nuser running Firefox (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791,\nCVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796,\nCVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801,\nCVE-2016-2802).\n","modified":"2026-02-04T03:08:01.100802Z","published":"2016-03-09T22:57:53Z","related":["CVE-2015-4477","CVE-2015-7207","CVE-2016-1950","CVE-2016-1952","CVE-2016-1954","CVE-2016-1957","CVE-2016-1958","CVE-2016-1960","CVE-2016-1961","CVE-2016-1962","CVE-2016-1964","CVE-2016-1965","CVE-2016-1966","CVE-2016-1974","CVE-2016-1977","CVE-2016-1979","CVE-2016-2790","CVE-2016-2791","CVE-2016-2792","CVE-2016-2793","CVE-2016-2794","CVE-2016-2795","CVE-2016-2796","CVE-2016-2797","CVE-2016-2798","CVE-2016-2799","CVE-2016-2800","CVE-2016-2801","CVE-2016-2802"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0105.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17900"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-81/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-136/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-16/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-17/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-20/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-21/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-23/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-24/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-25/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-27/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-28/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-31/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-34/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-36/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/advisories/mfsa2016-37/"},{"type":"REPORT","url":"https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-esr/"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2016-0370.html"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2016-0373.html"}],"affected":[{"package":{"name":"nspr","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nspr?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.12-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0105.json"}},{"package":{"name":"nss","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/nss?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.21.1-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0105.json"}},{"package":{"name":"firefox","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/firefox?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"38.7.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0105.json"}},{"package":{"name":"firefox-l10n","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/firefox-l10n?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"38.7.0-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0105.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}