Debian Lenny DSA-1886-1 Critical: Iceweasel Remote Threat Detected
debian
September 14, 2009
Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser
Topics Covered
Summary
Several remote vulnerabilities have been discovered in the Iceweasel web
browser, an unbranded version of the Firefox browser. The Common
Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-3079
"moz_bug_r_a4" discovered that a programming error in the FeedWriter
module could lead to the execution of Javascript code with elevated
privileges.
CVE-2009-1310
Prateek Saxena discovered a cross-site scripting vulnerability in
the MozSearch plugin interface.
For the stable distribution (lenny), these problems have been fixed in
version 3.0.6-3.
As indicated in the Etch release notes, security support for the
Mozilla products in the oldstable distribution needed to be stopped
before the end of the regular Etch security maintenance life cycle.
You are strongly encouraged to upgrade to stable or switch to a still
supported browser.
For the unstable distribution (sid), these problems have been fixed in
version 3.0.14-1.
For the experimental distribution, these problem...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: iceweasel
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!