what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 2295-1

Debian Security Advisory 2295-1
Posted Aug 18, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2295-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0084, CVE-2011-2378, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984
SHA-256 | 95219bca0ef6e4dde58235d45a45ea554744df01190f82f59e0dd3dc26f57eaf

Debian Security Advisory 2295-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2295-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
August 17, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : iceape
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-0084 CVE-2011-2378 CVE-2011-2981 CVE-2011-2982
CVE-2011-2983 CVE-2011-2984

Several vulnerabilities have been found in the Iceape internet suite, an
unbranded version of Seamonkey:

CVE-2011-0084

"regenrecht" discovered that incorrect pointer handling in the SVG
processing code could lead to the execution of arbitrary code.

CVE-2011-2378

"regenrecht" discovered that incorrect memory management in DOM
processing could lead to the execution of arbitrary code.

CVE-2011-2981

"moz_bug_r_a_4" discovered a Chrome privilege escalation
vulnerability in the event handler code.

CVE-2011-2982

Gary Kwong, Igor Bukanov, Nils and Bob Clary discovered memory
corruption bugs, which may lead to the execution of arbitrary code.

CVE-2011-2983

"shutdown" discovered an information leak in the handling of
RegExp.input.

CVE-2011-2984

"moz_bug_r_a4" discovered a Chrome privilege escalation
vulnerability.

The oldstable distribution (lenny) is not affected. The iceape
package only provides the XPCOM code.

For the stable distribution (squeeze), this problem has been fixed in
version 2.0.11-7.

For the unstable distribution (sid), this problem has been fixed in
version 2.0.14-5.

We recommend that you upgrade your iceape packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk5L/BAACgkQXm3vHE4uyloBzACgnHzwn6NiyNtl5d7QPhQSJ9Fx
0LEAoJYadY0koJbJ+mh40vPpb6xFXB7e
=Izrx
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close