Diffstat (limited to 'metadata/glsa/glsa-200503-30.xml')
-rw-r--r-- metadata/glsa/glsa-200503-30.xml 137
1 files changed, 137 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200503-30.xml b/metadata/glsa/glsa-200503-30.xml
new file mode 100644
index 000000000000..71de2256b418
--- /dev/null
+++ b/metadata/glsa/glsa-200503-30.xml
@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="200503-30">
+ <title>Mozilla Suite: Multiple vulnerabilities</title>
+ <synopsis>
+ The Mozilla Suite is vulnerable to multiple issues ranging from the remote
+ execution of arbitrary code to various issues allowing to trick the user
+ into trusting fake web sites or interacting with privileged content.
+ </synopsis>
+ <product type="ebuild">Mozilla</product>
+ <announced>2005-03-25</announced>
+ <revised count="01">2005-03-25</revised>
+ <bug>84074</bug>
+ <access>remote and local</access>
+ <affected>
+ <package name="www-client/mozilla" auto="yes" arch="*">
+ <unaffected range="ge">1.7.6</unaffected>
+ <vulnerable range="lt">1.7.6</vulnerable>
+ </package>
+ <package name="www-client/mozilla-bin" auto="yes" arch="*">
+ <unaffected range="ge">1.7.6</unaffected>
+ <vulnerable range="lt">1.7.6</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>
+ The Mozilla Suite is a popular all-in-one web browser that
+ includes a mail and news reader.
+ </p>
+ </background>
+ <description>
+ <p>
+ The following vulnerabilities were found and fixed in the Mozilla
+ Suite:
+ </p>
+ <ul>
+ <li>Mark Dowd from ISS X-Force reported an exploitable
+ heap overrun in the GIF processing of obsolete Netscape extension 2
+ (CAN-2005-0399)</li>
+ <li>Michael Krax reported that plugins can be used
+ to load privileged content and trick the user to interact with it
+ (CAN-2005-0232, CAN-2005-0527)</li>
+ <li>Michael Krax also reported
+ potential spoofing or cross-site-scripting issues through overlapping
+ windows, image or scrollbar drag-and-drop, and by dropping javascript:
+ links on tabs (CAN-2005-0230, CAN-2005-0231, CAN-2005-0401,
+ CAN-2005-0591)</li>
+ <li>Daniel de Wildt and Gael Delalleau discovered a
+ memory overwrite in a string library (CAN-2005-0255)</li>
+ <li>Wind Li
+ discovered a possible heap overflow in UTF8 to Unicode conversion
+ (CAN-2005-0592)</li>
+ <li>Eric Johanson reported that Internationalized
+ Domain Name (IDN) features allow homograph attacks (CAN-2005-0233)</li>
+ <li>Mook, Doug Turner, Kohei Yoshino and M. Deaudelin reported various
+ ways of spoofing the SSL "secure site" indicator (CAN-2005-0593)</li>
+ <li>Georgi Guninski discovered that XSLT can include stylesheets from
+ arbitrary hosts (CAN-2005-0588)</li>
+ <li>Secunia discovered a way of
+ injecting content into a popup opened by another website
+ (CAN-2004-1156)</li>
+ <li>Phil Ringnalda reported a possible way to
+ spoof Install source with user:pass@host (CAN-2005-0590)</li>
+ <li>Jakob
+ Balle from Secunia discovered a possible way of spoofing the Download
+ dialog source (CAN-2005-0585)</li>
+ <li>Christian Schmidt reported a
+ potential spoofing issue in HTTP auth prompt tab (CAN-2005-0584)</li>
+ <li>Finally, Tavis Ormandy of the Gentoo Linux Security Audit Team
+ discovered that Mozilla insecurely creates temporary filenames in
+ /tmp/plugtmp (CAN-2005-0578)</li>
+ </ul>
+ </description>
+ <impact type="normal">
+ <ul>
+ <li>The GIF heap overflow could be triggered by a malicious GIF
+ image that would end up executing arbitrary code with the rights of the
+ user running Mozilla. The other overflow issues, while not thought to
+ be exploitable, would have the same impact</li>
+ <li>By setting up
+ malicious websites and convincing users to follow untrusted links or
+ obey very specific drag-and-drop or download instructions, attackers
+ may leverage the various spoofing issues to fake other websites to get
+ access to confidential information, push users to download malicious
+ files or make them interact with their browser preferences</li>
+ <li>The
+ temporary directory issue allows local attackers to overwrite arbitrary
+ files with the rights of another local user</li>
+ </ul>
+ </impact>
+ <workaround>
+ <p>
+ There is no known workaround at this time.
+ </p>
+ </workaround>
+ <resolution>
+ <p>
+ All Mozilla Suite users should upgrade to the latest version:
+ </p>
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=www-client/mozilla-1.7.6"</code>
+ <p>
+ All Mozilla Suite binary users should upgrade to the latest
+ version:
+ </p>
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=www-client/mozilla-bin-1.7.6"</code>
+ </resolution>
+ <references>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1156">CAN-2004-1156</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0230">CAN-2005-0230</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0231">CAN-2005-0231</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0232">CAN-2005-0232</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0233">CAN-2005-0233</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255">CAN-2005-0255</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399">CAN-2005-0399</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0401">CAN-2005-0401</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0527">CAN-2005-0527</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0578">CAN-2005-0578</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0584">CAN-2005-0584</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0585">CAN-2005-0585</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0588">CAN-2005-0588</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0590">CAN-2005-0590</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0591">CAN-2005-0591</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0592">CAN-2005-0592</uri>
+ <uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0593">CAN-2005-0593</uri>
+ <uri link="https://www.mozilla.org/projects/security/known-vulnerabilities.html">Mozilla Security Advisories</uri>
+ </references>
+ <metadata tag="submitter" timestamp="2005-03-22T09:19:22Z">
+ koon
+ </metadata>
+ <metadata tag="bugReady" timestamp="2005-03-25T12:49:52Z">
+ koon
+ </metadata>
+</glsa>
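
Review bot: the <synopsis> covers remote code execution and spoofing but omits the local file overwrite (CAN-2005-0578), even though <access> says "remote and local" and the last <impact> item describes it; add a clause so a reader skimming only the synopsis sees the local exposure. The same issue is named inconsistently: the description says Mozilla "insecurely creates temporary filenames in /tmp/plugtmp" while the impact calls it "the temporary directory issue", so pick one term and use it in both places. Minor wording: "various issues allowing to trick the user" in the synopsis needs a subject (for example "allowing attackers to trick the user"), and the <li> items in <description> and <impact> have no closing punctuation.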