Debian Security Advisory DSA 1532-1 (xulrunner) Network Vulnerability

Summary

The remote host is missing an update to xulrunner announced via advisory DSA 1532-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201532-1

Insight

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. For details, please visit the referenced security advisories. For the stable distribution (etch), these problems have been fixed in version 1.8.0.15~pre080323b-0etch1. The Mozilla products from the old stable distribution (sarge) are no longer supported. For the unstable distribution (sid), these problems have been fixed in version 1.8.1.13-1. We recommend that you upgrade your xulrunner packages.

Severity

Classification

CVE CVE-2007-3738, CVE-2007-4879, CVE-2007-5338, CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-1238, CVE-2008-1240, CVE-2008-1241

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1067-1 (kernel 2.4.16)
Debian Security Advisory DSA 1044-1 (mozilla-firefox)
Debian Security Advisory DSA 091-1 (ssh)
Debian Security Advisory DSA 1034-1 (horde2)
Debian Security Advisory DSA 1037-1 (zgv)

Take action and discover your vulnerabilities