An update for firefox is now available for openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2024-2523 Final 1.0 1.0 2024-12-06 Initial 2024-12-06 2024-12-06 openEuler SA Tool V1.0 2024-12-06 firefox security update An update for firefox is now available for openEuler-24.03-LTS Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fix(es):Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fix(es): An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11692) Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11694) A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11695) The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11696) When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11697) Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.(CVE-2024-11699) A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.(CVE-2024-4367) An update for firefox is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP1/openEuler-22.03-LTS-SP3/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High firefox https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11692 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11694 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11695 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11696 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11697 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-11699 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-4367 https://nvd.nist.gov/vuln/detail/CVE-2024-11692 https://nvd.nist.gov/vuln/detail/CVE-2024-11694 https://nvd.nist.gov/vuln/detail/CVE-2024-11695 https://nvd.nist.gov/vuln/detail/CVE-2024-11696 https://nvd.nist.gov/vuln/detail/CVE-2024-11697 https://nvd.nist.gov/vuln/detail/CVE-2024-11699 https://nvd.nist.gov/vuln/detail/CVE-2024-4367 openEuler-24.03-LTS firefox-128.5.0-1.oe2403.aarch64.rpm firefox-debuginfo-128.5.0-1.oe2403.aarch64.rpm firefox-debugsource-128.5.0-1.oe2403.aarch64.rpm firefox-128.5.0-1.oe2403.src.rpm firefox-128.5.0-1.oe2403.x86_64.rpm firefox-debuginfo-128.5.0-1.oe2403.x86_64.rpm firefox-debugsource-128.5.0-1.oe2403.x86_64.rpm An attacker could cause a select dropdown to be shown over another tab; this could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11692 openEuler-24.03-LTS Medium 4.3 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP `frame-src` bypass and DOM-based XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could have exposed users to malicious frames masquerading as legitimate content. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11694 openEuler-24.03-LTS Medium 6.1 AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11695 openEuler-24.03-LTS Medium 5.4 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 The application failed to account for exceptions thrown by the `loadManifestFromFile` method during add-on signature verification. This flaw, triggered by an invalid or unsupported extension manifest, could have caused runtime errors that disrupted the signature validation process. As a result, the enforcement of signature validation for unrelated add-ons may have been bypassed. Signature validation in this context is used to ensure that third-party applications on the user's computer have not tampered with the user's extensions, limiting the impact of this issue. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11696 openEuler-24.03-LTS Medium 5.4 AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 When handling keypress events, an attacker may have been able to trick a user into bypassing the "Open Executable File?" confirmation dialog. This could have led to malicious code execution. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11697 openEuler-24.03-LTS High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 Memory safety bugs present in Firefox 132, Firefox ESR 128.4, and Thunderbird 128.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5. 2024-12-06 CVE-2024-11699 openEuler-24.03-LTS High 8.8 AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523 A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. 2024-12-06 CVE-2024-4367 openEuler-24.03-LTS High 7.5 AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H firefox security update 2024-12-06 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-2523