oval:org.mitre.oval:def:14910
| Definition Id: oval:org.mitre.oval:def:14910 | |||
| Oval ID: | oval:org.mitre.oval:def:14910 | ||
| Title: | DSA-2317-1 icedove -- several | ||
| Description: | CVE-2011-2372 Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. CVE-2011-2995 Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes in the rendering engine, which could lead to the execution of arbitrary code. CVE-2011-2998 Mark Kaplan discovered an integer underflow in the javascript engine, which could lead to the execution of arbitrary code. CVE-2011-2999 Boris Zbarsky discovered that incorrect handling of the window.location object could lead to bypasses of the same-origin policy. CVE-2011-3000 Ian Graham discovered that multiple Location headers might lead to CRLF injection. As indicated in the Lenny release notes, security support for the Icedove packages in the oldstable needed to be stopped before the end of the regular Lenny security maintenance life cycle. You are strongly encouraged to upgrade to stable or switch to a different mail client. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2317-1 CVE-2011-2372 CVE-2011-2995 CVE-2011-2998 CVE-2011-2999 CVE-2011-3000 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:12959 | |||
| Oval ID: | oval:org.mitre.oval:def:12959 | ||
| Title: | Debian 6.0 is installed | ||
| Description: | Debian 6.0 (squeeze) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian:6.0 | Version: | 6 |
| Platform(s): | Debian 6.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:14910 | |||
| Definition Id: oval:org.mitre.oval:def:24698 | |||
| Oval ID: | oval:org.mitre.oval:def:24698 | ||
| Title: | Debian GNU/kFreeBSD is installed | ||
| Description: | Debian GNU/kFreeBSD is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/kfreebsd | Version: | 3 |
| Platform(s): | Debian GNU/kFreeBSD | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:14910 | |||
| Definition Id: oval:org.mitre.oval:def:24894 | |||
| Oval ID: | oval:org.mitre.oval:def:24894 | ||
| Title: | Debian GNU/Linux is installed | ||
| Description: | Debian GNU/Linux is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux | Version: | 3 |
| Platform(s): | Debian GNU/Linux | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:14910 | |||
