Download
| Alert*
oval:org.secpod.oval:def:602428
This update disables the Graphite font shaping library in Iceweasel, Debian"s version of the Mozilla Firefox web browser. oval:org.secpod.oval:def:600757 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2012-0455 Soroush Dalili discovered that a cross-site scripting countermeasure related to Javas ... oval:org.secpod.oval:def:600787 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2012-0467 Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Ho ... oval:org.secpod.oval:def:600828 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2012-1937 Mozilla developers discovered several memory corruption bugs, which may lead to the e ... oval:org.secpod.oval:def:600905 Multiple vulnerabilities have been discovered in Iceweasel, Debian"s version of the Mozilla Firefox web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2012-3982 Multiple unspecified vulnerabilities in the browser engine allow remote attackers to caus ... oval:org.secpod.oval:def:601318 iceweasel is installed oval:org.secpod.oval:def:600577 Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0083 / CVE-2011-2363 "regenrecht" discovered two use-after-frees in SVG processing, which could lead to the execution of arbitrary code. CVE-2011-0085 "regenrecht" discovered a use-afte ... oval:org.secpod.oval:def:600210 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSi ... oval:org.secpod.oval:def:600892 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. The reported vulnerabilities could lead to the execution of arbitrary code or the bypass of content ... oval:org.secpod.oval:def:600851 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2012-1948 Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey identified several ... oval:org.secpod.oval:def:600720 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-3670 Gregory Fleischer discovered that IPv6 URLs were incorrectly parsed, resulting in pot ... oval:org.secpod.oval:def:600602 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-0084 "regenrecht" discovered that incorrect pointer handling in the SVG processi ... oval:org.secpod.oval:def:600802 The updates DSA-2457 and DSA-2458 for Iceweasel and Icedove introduced a regression, which could lead to crashes when interpreting some Javascript statements. For the stable distribution , this problem has been fixed in version 3.5.16-15 oval:org.secpod.oval:def:600924 Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox: CVE-2012-5829 Heap-based buffer overflow in the nsWindow::OnExposeEvent function could allow remote attackers to execute arbitrary code. CVE-2012-5842 Multiple unspecified vulnerabilities in the b ... oval:org.secpod.oval:def:600241 Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox: CVE-2011-0069 CVE-2011-0070 CVE-2011-0072 CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078 CVE-2011-0080 CVE-2011-0081 "Scoobidiver", Ian Beer Bob Clary, Henri Sivonen, Marco Bonardo, Mats Palmgren ... oval:org.secpod.oval:def:79853 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. oval:org.secpod.oval:def:606125 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure, spoofing or sandbox bypass. oval:org.secpod.oval:def:608620 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:607888 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:605882 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:88343 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:80397 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing. oval:org.secpod.oval:def:88370 Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing. oval:org.secpod.oval:def:88383 Multiple security issues have been found in the Mozilla Firefox web browser, which could result in spoofing. oval:org.secpod.oval:def:601045 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary co ... oval:org.secpod.oval:def:601083 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of the ... oval:org.secpod.oval:def:601108 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code. The Iceweasel version in the oldstable distribution is no longer supported with security updates. oval:org.secpod.oval:def:601064 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementaton errors may lead to the execution of arbitrary code, ... oval:org.secpod.oval:def:601804 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, the bypass of the same-origin p ... oval:org.secpod.oval:def:601834 The previous update for iceweasel in DSA-3050-1 did not contain builds for the armhf architecture due to an error in the Debian packaging specific to the armhf build. This update corrects that problem. For reference, the original advisory text follows. Multiple security issues have been found in Ice ... oval:org.secpod.oval:def:601911 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service. oval:org.secpod.oval:def:602005 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0817 ilxu1a reported a flaw in Mozilla"s implementation of typed array bounds checking in JavaScrip ... oval:org.secpod.oval:def:601231 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service. oval:org.secpod.oval:def:601786 Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS , was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. An attacker could craft ASN.1 data to forge RSA certificates with a valid certification chain to a trusted CA. oval:org.secpod.oval:def:21034 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:601138 Multiple security issues have been found in iceweasel, Debian"s version of the Mozilla Firefox web browser: multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code. The iceweasel version in the oldstable distribution is no longer supported with sec ... oval:org.secpod.oval:def:601856 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions or denial of s ... oval:org.secpod.oval:def:601972 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and implementation errors may lead to the execution of arbitrary code or information disclosure. oval:org.secpod.oval:def:602024 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions, denial of service or cross-site ... oval:org.secpod.oval:def:602215 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-4497 Jean-Max Reymond and Ucha Gobejishvili discovered a use-after-free vulnerability which occurs ... oval:org.secpod.oval:def:602091 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service. oval:org.secpod.oval:def:602413 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwr ... oval:org.secpod.oval:def:602372 Holger Fuhrmannek discovered that missing input sanitising in the Graphite font rendering engine could result in the execution of arbitrary code. oval:org.secpod.oval:def:602200 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin polic ... oval:org.secpod.oval:def:602486 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:602240 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denia ... oval:org.secpod.oval:def:602269 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service. oval:org.secpod.oval:def:602347 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and a buffer overflow may lead to the execution of arbitrary code. In addition the bundled NSS crypto library addresses the SLOTH attack on TLS 1.2. oval:org.secpod.oval:def:602308 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, integer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, bypass of the same-origin policy or denial of ser ... oval:org.secpod.oval:def:602160 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code or denial of service. This update also addresses a vulnerability in D ... oval:org.secpod.oval:def:601723 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. oval:org.secpod.oval:def:601211 Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or informati ... oval:org.secpod.oval:def:600691 Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. CVE-2011-3647 "moz_bug_r_a4" discovered a privilege escalation vulnerability in addon han ... |