Debian DSA-1671-1 : iceweasel - several vulnerabilities

critical Nessus Plugin ID 34950

Synopsis

The remote Debian host is missing a security-related update.

Description

Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2008-0017 Justin Schuh discovered that a buffer overflow in the http-index-format parser could lead to arbitrary code execution.

- CVE-2008-4582 Liu Die Yu discovered an information leak through local shortcut files.

- CVE-2008-5012 Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions.

- CVE-2008-5013 It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution.

- CVE-2008-5014 Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution.

- CVE-2008-5017 It was discovered that crashes in the layout engine could lead to arbitrary code execution.

- CVE-2008-5018 It was discovered that crashes in the JavaScript engine could lead to arbitrary code execution.

- CVE-2008-5021 It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code.

- CVE-2008-5022 'moz_bug_r_a4' discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed.

- CVE-2008-5023 Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals.

- CVE-2008-5024 Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents.

Solution

Upgrade the iceweasel package.

For the stable distribution (etch), these problems have been fixed in version 2.0.0.18-0etch1.

For the upcoming stable distribution (lenny) and the unstable distribution (sid), these problems have been fixed in version 3.0.4-1 of iceweasel and version 1.9.0.4-1 of xulrunner. Packages for arm and mips will be provided soon.

See Also

https://security-tracker.debian.org/tracker/CVE-2008-0017

https://security-tracker.debian.org/tracker/CVE-2008-4582

https://security-tracker.debian.org/tracker/CVE-2008-5012

https://security-tracker.debian.org/tracker/CVE-2008-5013

https://security-tracker.debian.org/tracker/CVE-2008-5014

https://security-tracker.debian.org/tracker/CVE-2008-5017

https://security-tracker.debian.org/tracker/CVE-2008-5018

https://security-tracker.debian.org/tracker/CVE-2008-5021

https://security-tracker.debian.org/tracker/CVE-2008-5022

https://security-tracker.debian.org/tracker/CVE-2008-5023

https://security-tracker.debian.org/tracker/CVE-2008-5024

https://www.debian.org/security/2008/dsa-1671

Plugin Details

Severity: Critical

ID: 34950

File Name: debian_DSA-1671.nasl

Version: 1.15

Type: local

Agent: unix

Published: 11/25/2008

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.1

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:4.0, p-cpe:/a:debian:debian_linux:iceweasel

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 11/24/2008

Reference Information

CVE: CVE-2008-0017, CVE-2008-4582, CVE-2008-5012, CVE-2008-5013, CVE-2008-5014, CVE-2008-5017, CVE-2008-5018, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024

CWE: 119, 189, 20, 200, 264, 287, 399, 94

DSA: 1671