Debian Security Advisory DSA 1558-1 (xulrunner) Network Vulnerability

Summary

The remote host is missing an update to xulrunner announced via advisory DSA 1558-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201558-1

Insight

It was discovered that crashes in the Javascript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 1.8.0.15~pre080323b-0etch2. For the unstable distribution (sid), this problem has been fixed in version 1.8.1.14-1. We recommend that you upgrade your xulrunner packages.

Severity

Classification

CVE CVE-2008-1380

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1021-1 (netpbm-free)
Debian Security Advisory DSA 1008-1 (kdegraphics)
Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-2.4,kernel-patch-2.4.19-mips)
Debian Security Advisory DSA 065-1 (samba)
Debian Security Advisory DSA 1029-1 (libphp-adodb)

Take action and discover your vulnerabilities