Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.
CVE-2012-0467 Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory corruption bugs, which may lead to the execution of arbitrary code.
CVE-2012-0470 Atte Kettunen discovered that a memory corruption bug in gfxImageSurface may lead to the execution of arbitrary code.
CVE-2012-0471 Anne van Kesteren discovered that incorrect multibyte character encoding may lead to cross-site scripting.
CVE-2012-0477 Masato Kinugawa discovered that incorrect encoding of Korean and Chinese character sets may lead to cross-site scripting.
CVE-2012-0479 Jeroen van der Gun discovered a spoofing vulnerability in the presentation of Atom and RSS feeds over HTTPS.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2457. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(58854);
script_version("1.15");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2012-0467", "CVE-2012-0470", "CVE-2012-0471", "CVE-2012-0477", "CVE-2012-0479");
script_bugtraq_id(53219, 53223, 53224, 53225, 53229);
script_xref(name:"DSA", value:"2457");
script_name(english:"Debian DSA-2457-2 : iceweasel - several vulnerabilities");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been discovered in Iceweasel, a web
browser based on Firefox. The included XULRunner library provides
rendering services for several other applications included in Debian.
- CVE-2012-0467
Bob Clary, Christian Holler, Brian Hackett, Bobby
Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse
Ruderman, Julian Seward, and Olli Pettay discovered
memory corruption bugs, which may lead to the execution
of arbitrary code.
- CVE-2012-0470
Atte Kettunen discovered that a memory corruption bug in
gfxImageSurface may lead to the execution of arbitrary
code.
- CVE-2012-0471
Anne van Kesteren discovered that incorrect multibyte
character encoding may lead to cross-site scripting.
- CVE-2012-0477
Masato Kinugawa discovered that incorrect encoding of
Korean and Chinese character sets may lead to cross-site
scripting.
- CVE-2012-0479
Jeroen van der Gun discovered a spoofing vulnerability
in the presentation of Atom and RSS feeds over HTTPS."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-0467"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-0470"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-0471"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-0477"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-0479"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze/iceweasel"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2012/dsa-2457"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the iceweasel packages.
For the stable distribution (squeeze), this problem has been fixed in
version 3.5.16-15."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:iceweasel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2012/05/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/04/25");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"iceweasel", reference:"3.5.16-15")) flag++;
if (deb_check(release:"6.0", prefix:"iceweasel-dbg", reference:"3.5.16-15")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | iceweasel | p-cpe:/a:debian:debian_linux:iceweasel |
debian | debian_linux | 6.0 | cpe:/o:debian:debian_linux:6.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0467
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0470
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0479
packages.debian.org/source/squeeze/iceweasel
security-tracker.debian.org/tracker/CVE-2012-0467
security-tracker.debian.org/tracker/CVE-2012-0470
security-tracker.debian.org/tracker/CVE-2012-0471
security-tracker.debian.org/tracker/CVE-2012-0477
security-tracker.debian.org/tracker/CVE-2012-0479
www.debian.org/security/2012/dsa-2457