Test ID:	1.3.6.1.4.1.25623.1.0.702513
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-2513-1)
Summary:	The remote host is missing an update for the Debian 'iceape' package(s) announced via the DSA-2513-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'iceape' package(s) announced via the DSA-2513-1 advisory. Vulnerability Insight: Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2012-1948 Benoit Jacob, Jesse Ruderman, Christian Holler, and Bill McCloskey identified several memory safety problems that may lead to the execution of arbitrary code. CVE-2012-1954 Abhishek Arya discovered a use-after-free problem in nsDocument::AdoptNode that may lead to the execution of arbitrary code. CVE-2012-1967 moz_bug_r_a4 discovered that in certain cases, javascript: URLs can be executed so that scripts can escape the JavaScript sandbox and run with elevated privileges. This can lead to arbitrary code execution. For the stable distribution (squeeze), this problem has been fixed in version 2.0.11-14. For the unstable (sid) and testing (wheezy) distribution, this problem will be fixed soon. We recommend that you upgrade your iceape packages. Affected Software/OS: 'iceape' package(s) on Debian 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1948 BugTraq ID: 54580 http://www.securityfocus.com/bid/54580 Debian Security Information: DSA-2514 (Google Search) http://www.debian.org/security/2012/dsa-2514 Debian Security Information: DSA-2528 (Google Search) http://www.debian.org/security/2012/dsa-2528 http://osvdb.org/84007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744 RedHat Security Advisories: RHSA-2012:1088 http://rhn.redhat.com/errata/RHSA-2012-1088.html http://www.securitytracker.com/id?1027256 http://www.securitytracker.com/id?1027257 http://www.securitytracker.com/id?1027258 http://secunia.com/advisories/49963 http://secunia.com/advisories/49964 http://secunia.com/advisories/49965 http://secunia.com/advisories/49968 http://secunia.com/advisories/49972 http://secunia.com/advisories/49977 http://secunia.com/advisories/49979 http://secunia.com/advisories/49992 http://secunia.com/advisories/49993 http://secunia.com/advisories/49994 SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0917 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2 http://www.ubuntu.com/usn/USN-1510-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1954 BugTraq ID: 54578 http://www.securityfocus.com/bid/54578 http://osvdb.org/83995 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984 Common Vulnerability Exposure (CVE) ID: CVE-2012-1967 BugTraq ID: 54573 http://www.securityfocus.com/bid/54573 http://osvdb.org/84013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.