Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Debian 4.0 DSA-1697-1 Critical: Iceape Remote Threats Alert

debian
Calendar Grey January 7, 2009
Scroller Debian
Debian DSA-1697-2 outlines security flaws in the Iceweasel browser package and includes instructions for upgrading.
Several remote vulnerabilities have been discovered in Iceape an unbranded version of the Seamonkey internet suite

Summary

Several remote vulnerabilities have been discovered in Iceape an
unbranded version of the Seamonkey internet suite. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0016

Justin Schuh, Tom Cross and Peter Williams discovered a buffer
overflow in the parser for UTF-8 URLs, which may lead to the
execution of arbitrary code. (MFSA 2008-37)

CVE-2008-0304

It was discovered that a buffer overflow in MIME decoding can lead
to the execution of arbitrary code. (MFSA 2008-26)

CVE-2008-2785

It was discovered that missing boundary checks on a reference
counter for CSS objects can lead to the execution of arbitrary code.
(MFSA 2008-34)

CVE-2008-2798

Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered
crashes in the layout engine, which might allow the execution of
arbitrary code. (MFSA 2008-21)

CVE-2008-2799

Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in
the Javascript engine, which might allow th...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: iceape
CVE ID: CVE-2008-0016 CVE-2008-0304 CVE-2008-2785 CVE-2008-2798 CVE-2008-2799 CVE-2008-2800

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.