Ubuntu ‘unity-firefox-extension’ Package Denial of Service Vulnerability

Summary

Ubuntu unity-firefox-extension package is prone to a denial-of-service vulnerability.

Credit:

The original article can be found at: http://www.ubuntu.com/usn/USN-1639-1/


Details

Vulnerable Systems:
 * Ubuntu Unity integration extension (unity-firefox-extension) 2.4.1 and prior

It was discovered that unity-firefox-extension incorrectly handled certain callbacks. A remote attacker could use this issue to cause unity-firefox-extension to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE Information:
CVE-2012-0960

Disclosure Timeline:
Published: November 22 2012

Categories: News