| Revision Date: | 2014-07-21 | Version: | 20 |
| Title: | DSA-2342-1 iceape -- several |
| Description: | Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-3647 "moz_bug_r_a4" discovered a privilege escalation vulnerability in addon handling. CVE-2011-3648 Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could lead to cross-site scripting. CVE-2011-3650 Marc Schoenefeld discovered that profiling the Javascript code could lead to memory corruption. The oldstable distribution is not affected. The iceape package only provides the XPCOM code. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2011-3647
CVE-2011-3648
CVE-2011-3650
DSA-2342-1
|
| Platform(s): | Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 6.0
| Product(s): | iceape
|
| Definition Synopsis |
| Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel
Debian GNU/Linux is installed
OR Debian GNU/kFreeBSD is installed
AND Installed architecture is all
AND iceape DPKG is earlier than 2.0.11-9
|