Chrisccoulson

**Name of the Vulnerable Software and Affected Versions** unity-firefox-extension versions prior to 3.0.0+14.04.20140416-0ubuntu1.14.04.1 **Description** The issue is related to resource release errors in the unity-firefox-extension package. It can be exploited by a remote attacker to cause a denial of service. The exploitation involves tricking the package into dropping a C callback that is still in use, leading to a crash when Firefox attempts to free it. This can be achieved by adding an action to the launcher and updating it with new callbacks until a rate limit is hit. **Recommendations** For versions prior to 3.0.0+14.04.20140416-0ubuntu1.14.04.1, update to version 3.0.0+14.04.20140416-0ubuntu1.14.04.1 or later of unity-firefox-extension to resolve the issue. Alternatively, consider disabling the unity-firefox-extension package entirely, as done in the fixed versions of libunity-webapps, to prevent the attack.

**Name of the Vulnerable Software and Affected Versions** unity-firefox-extension versions prior to 3.0.0+14.04.20140416-0ubuntu1.14.04.1 **Description** The issue is related to the unity-firefox-extension package, which could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. The problem is also associated with resource release errors. **Recommendations** For versions prior to 3.0.0+14.04.20140416-0ubuntu1.14.04.1, update to version 3.0.0+14.04.20140416-0ubuntu1.14.04.1 or later, which ships an empty package and thus disables the extension entirely. As a temporary workaround, consider disabling the unity-firefox-extension to prevent potential crashes.

**Name of the Vulnerable Software and Affected Versions** Oxide versions prior to 1.5.6 Oxide versions 1.6.x prior to 1.6.1 **Description** The issue is related to a use-after-free condition that can be triggered by remote attackers, potentially leading to a denial of service (crash) or the execution of arbitrary code. This is achieved by deleting all WebContents while a RenderProcessHost instance still exists. **Recommendations** For Oxide versions prior to 1.5.6, update to version 1.5.6 or later. For Oxide versions 1.6.x prior to 1.6.1, update to version 1.6.1 or later.

**Name of the Vulnerable Software and Affected Versions** libunity-webapps versions prior to 2.4.1 **Description** The issue is related to a use-after-free vulnerability, which can be triggered by remote attackers via a crafted web site. This vulnerability is associated with certain hash tables and can cause a denial of service due to memory corruption and crash. It may also allow the execution of arbitrary code. **Recommendations** For versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue.