System compromise in Google Chrome and Mozilla products

Posted: March 11, 2013 in Vulnerabilities
Tags: , , , , ,

Google Chrome and Mozilla products

Google Chrome and Mozilla products

Vulnerability: System compromise in Google Chrome

Danger level: High
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2013-0912
Vector of operation: Remote
Impact: System Compromise

Affected products: Google Chrome 25.x
Affected versions: Google Chrome 25.C

Description:

Which can be exploited by malicious people to compromise a vulnerable system.
An error such as confusion in WebKit. A remote user can bypass the sandbox and execute arbitrary code on the target system.
Solution: To resolve the vulnerability patch from the manufacturer.

Links:

http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_7.html
http://labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013/

Vulnerability: Compromise of Mozilla products

Danger level: High
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2013-0787
Vector of operation: Remote
Impact: System Compromise

Affected products:

- Mozilla Firefox 17.x;
- Mozilla Firefox 19.x;
- Mozilla SeaMonkey 2.x;
- Mozilla Thunderbird 17.x.

Affected versions:

- Mozilla Firefox versions prior to 19.0.2;
- Mozilla Firefox ESR versions prior to 17.0.4;
- Thunderbird versions prior to 17.0.4;
- Thunderbird ESR versions prior to 17.0.4;
- Mozilla SeaMonkey versions prior to 2.16.1.

Description:

Which can be exploited by malicious people to compromise a vulnerable system.
An error after release of HTML-editor, when the script runs on the content features document.execCommand () when performing certain operations of internal editing. A remote user can refer to already freed memory and execute arbitrary code on the target system.
Solution: To resolve the vulnerability patch from the manufacturer.

Links:
http://www.mozilla.org/security/announce/2013/mfsa2013-29.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s