Multiple Xulrunner 1.9.1 vulnerabilities

30 April 2011

Multiple Xulrunner 1.9.1 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 9.10

Summary

Multiple xulrunner-1.9.1 vulnerabilities

Software Description

• xulrunner-1.9.1 - XUL + XPCOM application runner

Details

A large number of security issues were discovered in the Gecko rendering engine. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 9.10

xulrunner-1.9.1 - 1.9.1.19+build2+nobinonly-0ubuntu0.9.10.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart any applications which use Xulrunner to make all the necessary changes.

References

• CVE-2010-1585
• CVE-2010-3776
• CVE-2010-3778
• CVE-2011-0051
• CVE-2011-0053
• CVE-2011-0054
• CVE-2011-0055
• CVE-2011-0056
• CVE-2011-0057
• CVE-2011-0058
• CVE-2011-0059
• CVE-2011-0062
• CVE-2011-0065
• CVE-2011-0066
• CVE-2011-0067
• CVE-2011-0069
• CVE-2011-0070
• CVE-2011-0071
• CVE-2011-0072
• CVE-2011-0073
• CVE-2011-0074
• CVE-2011-0075
• CVE-2011-0077
• CVE-2011-0078
• CVE-2011-0080
• CVE-2011-1202