Debian: DSA-2296-1 Severe: Iceweasel Remote Threat Advisory
debian
August 17, 2011
Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox
Summary
Several vulnerabilities have been discovered in Iceweasel, a web browser
based on Firefox. The included XULRunner library provides rendering
services for several other applications included in Debian.
CVE-2011-0084
"regenrecht" discovered that incorrect pointer handling in the SVG
processing code could lead to the execution of arbitrary code.
CVE-2011-2378
"regenrecht" discovered that incorrect memory management in DOM
processing could lead to the execution of arbitrary code.
CVE-2011-2981
"moz_bug_r_a_4" discovered a Chrome privilege escalation
vulnerability in the event handler code.
CVE-2011-2982
Gary Kwong, Igor Bukanov, Nils and Bob Clary discovered memory
corruption bugs, which may lead to the execution of arbitrary code.
CVE-2011-2983
"shutdown" discovered an information leak in the handling of
RegExp.input.
CVE-2011-2984
"moz_bug_r_a4" discovered a Chrome privilege escalation vulnerability.
For the oldstable distribution (lenny), this problem has been fixed in
ve...
PREVIOUS
NEXT
Package: iceweasel
CVE ID: CVE-2011-0084 CVE-2011-2378 CVE-2011-2981 CVE-2011-2982
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!