Debian Security Advisory

DSA-1671-1 iceweasel -- several vulnerabilities

Date Reported:

24 Nov 2008

Affected Packages:

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2008-0017, CVE-2008-4582, CVE-2008-5012, CVE-2008-5013, CVE-2008-5014, CVE-2008-5017, CVE-2008-5018, CVE-2008-5021, CVE-2008-5022, CVE-2008-5023, CVE-2008-5024.

More information:

Several remote vulnerabilities have been discovered in the Iceweasel webbrowser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0017
Justin Schuh discovered that a buffer overflow in the http-index-format parser could lead to arbitrary code execution.
CVE-2008-4582
Liu Die Yu discovered an information leak through local shortcut files.
CVE-2008-5012
Georgi Guninski, Michal Zalewski and Chris Evan discovered that the canvas element could be used to bypass same-origin restrictions.
CVE-2008-5013
It was discovered that insufficient checks in the Flash plugin glue code could lead to arbitrary code execution.
CVE-2008-5014
Jesse Ruderman discovered that a programming error in the window.__proto__.__proto__ object could lead to arbitrary code execution.
CVE-2008-5017
It was discovered that crashes in the layout engine could lead to arbitrary code execution.
CVE-2008-5018
It was discovered that crashes in the Javascript engine could lead to arbitrary code execution.
CVE-2008-5021
It was discovered that a crash in the nsFrameManager might lead to the execution of arbitrary code.
CVE-2008-5022
moz_bug_r_a4 discovered that the same-origin check in nsXMLHttpRequest::NotifyEventListeners() could be bypassed.
CVE-2008-5023
Collin Jackson discovered that the -moz-binding property bypasses security checks on codebase principals.
CVE-2008-5024
Chris Evans discovered that quote characters were improperly escaped in the default namespace of E4X documents.

For the stable distribution (etch), these problems have been fixed in version 2.0.0.18-0etch1.

For the upcoming stable distribution (lenny) and the unstable distribution (sid), these problems have been fixed in version 3.0.4-1 of iceweasel and version 1.9.0.4-1 of xulrunner. Packages for arm and mips will be provided soon.

We recommend that you upgrade your iceweasel package.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Source:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1.diff.gz; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18.orig.tar.gz; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1.dsc
Architecture-independent component:: http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-gnome-support_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/firefox-dom-inspector_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/firefox-gnome-support_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/firefox_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dom-inspector_2.0.0.18-0etch1_all.deb; http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-dom-inspector_2.0.0.18-0etch1_all.deb
Alpha:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_alpha.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_alpha.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_amd64.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_amd64.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_amd64.deb
HP Precision:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_hppa.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_hppa.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_i386.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_i386.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_ia64.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_ia64.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_ia64.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_mipsel.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_mipsel.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_powerpc.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_powerpc.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_s390.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_s390.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.18-0etch1_sparc.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.18-0etch1_sparc.deb; http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.18-0etch1_sparc.deb

MD5 checksums of the listed files are available in the original advisory.