Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702716
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2716-1 (iceweasel - several vulnerabilities)
Summary:Multiple security issues have been found in Iceweasel, Debian's version;of the Mozilla Firefox web browser: Multiple memory safety errors,;use-after-free vulnerabilities, missing permission checks, incorrect;memory handling and other implementation errors may lead to the execution;of arbitrary code, privilege escalation, information disclosure or;cross-site request forgery.;;The Iceweasel version in the oldstable distribution (squeeze) is no;longer supported with security updates.
Description:Summary:
Multiple security issues have been found in Iceweasel, Debian's version
of the Mozilla Firefox web browser: Multiple memory safety errors,
use-after-free vulnerabilities, missing permission checks, incorrect
memory handling and other implementation errors may lead to the execution
of arbitrary code, privilege escalation, information disclosure or
cross-site request forgery.

The Iceweasel version in the oldstable distribution (squeeze) is no
longer supported with security updates.

Affected Software/OS:
iceweasel on Debian Linux

Solution:
For the stable distribution (wheezy), these problems have been fixed in
version 17.0.7esr-1~
deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 17.0.7esr-1.

We recommend that you upgrade your iceweasel packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-1690
BugTraq ID: 60778
http://www.securityfocus.com/bid/60778
Debian Security Information: DSA-2716 (Google Search)
http://www.debian.org/security/2013/dsa-2716
Debian Security Information: DSA-2720 (Google Search)
http://www.debian.org/security/2013/dsa-2720
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16996
RedHat Security Advisories: RHSA-2013:0981
http://rhn.redhat.com/errata/RHSA-2013-0981.html
RedHat Security Advisories: RHSA-2013:0982
http://rhn.redhat.com/errata/RHSA-2013-0982.html
SuSE Security Announcement: SUSE-SU-2013:1152 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00010.html
SuSE Security Announcement: SUSE-SU-2013:1153 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00011.html
SuSE Security Announcement: openSUSE-SU-2013:1140 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00003.html
SuSE Security Announcement: openSUSE-SU-2013:1141 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00004.html
SuSE Security Announcement: openSUSE-SU-2013:1142 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00005.html
SuSE Security Announcement: openSUSE-SU-2013:1143 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00006.html
http://www.ubuntu.com/usn/USN-1890-1
http://www.ubuntu.com/usn/USN-1891-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-1687
BugTraq ID: 60777
http://www.securityfocus.com/bid/60777
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17117
Common Vulnerability Exposure (CVE) ID: CVE-2013-1697
BugTraq ID: 60784
http://www.securityfocus.com/bid/60784
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17243
Common Vulnerability Exposure (CVE) ID: CVE-2013-1684
BugTraq ID: 60766
http://www.securityfocus.com/bid/60766
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16604
Common Vulnerability Exposure (CVE) ID: CVE-2013-1685
BugTraq ID: 60773
http://www.securityfocus.com/bid/60773
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17330
Common Vulnerability Exposure (CVE) ID: CVE-2013-1694
BugTraq ID: 60776
http://www.securityfocus.com/bid/60776
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17405
Common Vulnerability Exposure (CVE) ID: CVE-2013-1686
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16576
Common Vulnerability Exposure (CVE) ID: CVE-2013-1693
BugTraq ID: 60787
http://www.securityfocus.com/bid/60787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17075
Common Vulnerability Exposure (CVE) ID: CVE-2013-1682
BugTraq ID: 60765
http://www.securityfocus.com/bid/60765
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17392
Common Vulnerability Exposure (CVE) ID: CVE-2013-1692
BugTraq ID: 60783
http://www.securityfocus.com/bid/60783
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17096
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.