English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 89547 CVE descriptions
and 49323 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69573
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2228-1 (iceweasel)
Summary:Debian Security Advisory DSA 2228-1 (iceweasel)
Description:Description:
The remote host is missing an update to iceweasel
announced via advisory DSA 2228-1.

Several vulnerabilities have been found in Iceweasel, a web browser
based on Firefox:

CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081

Scoobidiver, Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo,
Mats Palmgren, Jesse Ruderman, Aki Kelin and Martin Barbella
discovered memory corruption bugs, which may lead to the execution
of arbitrary code.

CVE-2011-0065 CVE-2011-0066 CVE-2011-0073

regenrecht discovered several dangling pointer vulnerabilities,
which may lead to the execution of arbitrary code.

CVE-2011-0067

Paul Stone discovered that Java applets could steal information
from the autocompletion history.

CVE-2011-0071

Soroush Dalili discovered a directory traversal vulnerability in
handling resource URIs.

For the oldstable distribution (lenny), this problem will be fixed soon
with updated packages of the xulrunner source package.

For the stable distribution (squeeze), this problem has been fixed in
version 3.5.16-7.

For the unstable distribution (sid), this problem has been fixed in
version 3.5.19-1.

We recommend that you upgrade your iceweasel packages.

Solution:
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202228-1

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-0065
Debian Security Information: DSA-2227 (Google Search)
http://www.debian.org/security/2011/dsa-2227
Debian Security Information: DSA-2228 (Google Search)
http://www.debian.org/security/2011/dsa-2228
Debian Security Information: DSA-2235 (Google Search)
http://www.debian.org/security/2011/dsa-2235
http://www.mandriva.com/security/advisories?name=MDVSA-2011:079
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14142
http://securityreason.com/securityalert/8326
http://securityreason.com/securityalert/8331
http://securityreason.com/securityalert/8340
Common Vulnerability Exposure (CVE) ID: CVE-2011-0066
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13970
Common Vulnerability Exposure (CVE) ID: CVE-2011-0067
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14523
Common Vulnerability Exposure (CVE) ID: CVE-2011-0069
http://www.mandriva.com/security/advisories?name=MDVSA-2011:080
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14065
Common Vulnerability Exposure (CVE) ID: CVE-2011-0070
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14286
Common Vulnerability Exposure (CVE) ID: CVE-2011-0071
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14058
Common Vulnerability Exposure (CVE) ID: CVE-2011-0072
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14038
Common Vulnerability Exposure (CVE) ID: CVE-2011-0073
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14020
http://securityreason.com/securityalert/8310
Common Vulnerability Exposure (CVE) ID: CVE-2011-0074
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14317
Common Vulnerability Exposure (CVE) ID: CVE-2011-0075
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14086
Common Vulnerability Exposure (CVE) ID: CVE-2011-0077
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14193
Common Vulnerability Exposure (CVE) ID: CVE-2011-0078
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14246
Common Vulnerability Exposure (CVE) ID: CVE-2011-0080
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13866
Common Vulnerability Exposure (CVE) ID: CVE-2011-0081
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:13993
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 49323 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2016 E-Soft Inc. All rights reserved.