Debian Security Advisory DSA 1506-2 (iceape) Network Vulnerability

Summary

The remote host is missing an update to iceape announced via advisory DSA 1506-2.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201506-2

Insight

A regression has been fixed in iceape's frame handling code. For details, please visit the referenced advisories. For the stable distribution (etch), these problems have been fixed in version 1.0.12~pre080131b-0etch2. The Mozilla releases from the old stable distribution (sarge) are no longer supported with security updates. We recommend that you upgrade your iceape packages.

Severity

Classification

CVE CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 079-2 (uucp)
Debian Security Advisory DSA 089-1 (icecast-server)
Debian Security Advisory DSA 081-1 (w3m, w3m-ssl)
Debian Security Advisory DSA 008-1 (dialog)
Debian Security Advisory DSA 1018-1 (kernel-source-2.4.27)

Take action and discover your vulnerabilities