Re: New Netscape Vulnerability?

["H. Morrow Long" <morrow.long () YALE EDU>]

On Sep 20, 2004, at 11:13 AM, Ariel Silverstone wrote:
> Has anyone else heard of a critical Netscape (not Mozilla) vulnerability from today?

On 9/15 Secunia issued an advisory SA12535 on Netscape (specifically
v7.2 on Windows) regarding multiple vulnerabilities (which were apparently
similar to some of those reported in Mozilla/Firefox and Thunderbird in
Secunia Advisory SA12526 on the day before -- 9.14.04).

Netscape still has not acknowledged the 9/15 Secunia advisory regarding
7.2 on their Security Center website (http://wp.netscape.com/security AKA
http://www.netscape.com/security) nor do they appear to have patches or a
new version of Netscape available (yet).

Perhaps this is what you've heard about?

Any word of exploits for this or the Mozilla/Firefox  multiple vulnerabilities (SA12526)?

The security community is much more worried about the MS IE JPEG buffer
overflow and these browser vulnerabilities have not received the same
level of press attention (lower risk/probability because they have lower mindshare,
tougher to exploit and/or more intelligent users :-)

- H. Morrow Long, CISSP, CISM
University Information Security Officer
Director -- Information Security Office
Yale University, ITS

On Sep 15, 2004 H. Morrow Long wrote:
> Today is the Netscape browser's turn -- please keep an eye out for updates to this application
> particularly as some users have switched to Netscape to avoid IE vulnerabilities.
>
> The enclosed Secunia advisory only specifically mentions Netscape 7.2 on Windows
> as having been verified as vulnerable to the multiple security problems however there
> is no update yet, no response from Netscape on their website's security pages and
> these problems may affect other Netscape releases as well as Netscape versions
> running on other platforms other than Windows./bin
>
> - H. Morrow Long, CISSP, CISM
> University Information Security Officer
> Director -- Information Security Office
> Yale University, ITS
>
> Begin forwarded message:
>
> > From: Secunia Security Advisories <sec-adv () secunia com>
> > Date: September 15, 2004 6:19:48 AM EDT
> > To: morrow.long () yale edu
> > Subject: [SA12535] Netscape Multiple Vulnerabilities
> >
> >
> > TITLE:
> > Netscape Multiple Vulnerabilities
> >
> > SECUNIA ADVISORY ID:
> > SA12535
> >
> > VERIFY ADVISORY:
> > http://secunia.com/advisories/12535/
> >
> > CRITICAL:
> > Highly critical
> >
> > IMPACT:
> > Cross Site Scripting, Manipulation of data, Exposure of sensitive
> > information, System access
> >
> > WHERE:
> > > From remote
> >
> > SOFTWARE:
> > Netscape 7.x
> > http://secunia.com/product/85/
> >
> > DESCRIPTION:
> > Multiple vulnerabilities have been reported in Netscape, which can be
> > exploited by malicious people to conduct cross-site scripting attacks,
> > access and modify sensitive information, and compromise a user's
> > system.
> >
> > The vulnerabilities are related to some recently disclosed issues in
> > Mozilla:
> > SA12526
> >
> > The following vulnerabilities in SA12526 have been confirmed in
> > Netscape 7.2 for Windows:
> > 1, 2, 3, 5, 6, and 7.
> >
> > SOLUTION:
> > Use another product.
> >
> > PROVIDED AND/OR DISCOVERED BY:
> > Two of the vulnerabilities were reported in Netscape by:
> > Juha-Matti Laurio
> >
> > OTHER REFERENCES:
> > SA12526:
> > http://secunia.com/advisories/12526/
> >
> > ----------------------------------------------------------------------
> >
> > About:
> > This Advisory was delivered by Secunia as a free service to help
> > everybody keeping their systems up to date against the latest
> > vulnerabilities.
> >
> > Subscribe:
> > http://secunia.com/secunia_security_advisories/
> >
> > Definitions: (Criticality, Where etc.)
> > http://secunia.com/about_secunia_advisories/
> >
> >
> > Please Note:
> > Secunia recommends that you verify all advisories you receive by
> > clicking the link.
> > Secunia NEVER sends attached files with advisories.
> > Secunia does not advise people to install third party patches, only
> > use those supplied by the vendor.
> >
> > ----------------------------------------------------------------------
> >
> > Unsubscribe: Secunia Security Advisories
> > http://secunia.com/sec_adv_unsubscribe/?email=morrow.long () yale edu
> >
> > ----------------------------------------------------------------------

Attachment: smime.p7s
Description: