DSA-1614 iceweasel -- several vulnerabilitiesID: oval:org.mitre.oval:def:7461 | Date: (C)2009-12-15 (M)2023-11-09 |
Class: PATCH | Family: unix |
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Billy Rios discovered that passing an URL containing a pipe symbol to Iceweasel can lead to Chrome privilege escalation.