ID de Prueba:	1.3.6.1.4.1.25623.1.0.71824
Categoría:	Debian Local Security Checks
Título:	Debian Security Advisory DSA 2528-1 (icedove)
Resumen:	The remote host is missing an update to icedove;announced via advisory DSA 2528-1.
Descripción:	Summary: The remote host is missing an update to icedove announced via advisory DSA 2528-1. Vulnerability Insight: Several vulnerabilities were discovered in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. CVE-2012-1948 Multiple unspecified vulnerabilities in the browser engine were fixed. CVE-2012-1950 The underlying browser engine allows address bar spoofing through drag-and-drop. CVE-2012-1954 A use-after-free vulnerability in the nsDocument::AdoptNode function allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code. CVE-2012-1967 An error in the implementation of the Javascript sandbox allows execution of Javascript code with improper privileges using javascript: URLs. For the stable distribution (squeeze), these problems have been fixed in version 3.0.11-1+squeeze12. For the testing distribution (wheezy) and the unstable distribution (sid), these problems have been fixed in version 10.0.6-1. Solution: We recommend that you upgrade your icedove packages. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1948 BugTraq ID: 54580 http://www.securityfocus.com/bid/54580 Debian Security Information: DSA-2514 (Google Search) http://www.debian.org/security/2012/dsa-2514 Debian Security Information: DSA-2528 (Google Search) http://www.debian.org/security/2012/dsa-2528 http://osvdb.org/84007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16744 RedHat Security Advisories: RHSA-2012:1088 http://rhn.redhat.com/errata/RHSA-2012-1088.html http://www.securitytracker.com/id?1027256 http://www.securitytracker.com/id?1027257 http://www.securitytracker.com/id?1027258 http://secunia.com/advisories/49963 http://secunia.com/advisories/49964 http://secunia.com/advisories/49965 http://secunia.com/advisories/49968 http://secunia.com/advisories/49972 http://secunia.com/advisories/49977 http://secunia.com/advisories/49979 http://secunia.com/advisories/49992 http://secunia.com/advisories/49993 http://secunia.com/advisories/49994 SuSE Security Announcement: SUSE-SU-2012:0895 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00011.html SuSE Security Announcement: SUSE-SU-2012:0896 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00012.html SuSE Security Announcement: openSUSE-SU-2012:0899 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00013.html SuSE Security Announcement: openSUSE-SU-2012:0917 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00016.html http://www.ubuntu.com/usn/USN-1509-1 http://www.ubuntu.com/usn/USN-1509-2 http://www.ubuntu.com/usn/USN-1510-1 Common Vulnerability Exposure (CVE) ID: CVE-2012-1950 http://osvdb.org/84008 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16970 Common Vulnerability Exposure (CVE) ID: CVE-2012-1954 BugTraq ID: 54578 http://www.securityfocus.com/bid/54578 http://osvdb.org/83995 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16984 Common Vulnerability Exposure (CVE) ID: CVE-2012-1967 BugTraq ID: 54573 http://www.securityfocus.com/bid/54573 http://osvdb.org/84013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17025
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.