Menu

e-bay Security Practices under investigation by US States      

Biggest ever Distributed Denial of Service (DDoS) attack on Cloudfare Networks       

Bitcoin Exchanges continue to suspended withdrawal operations      

Snowden accessed NSA confidential data using web scrapping tools      

Barclays Bank probing the breach of client data sold to rogue City traders      

New Snapchat Flaw Can DoS and Spam iOS and Android       

Multiple issues in Iceweasel, Debian's version of the Mozilla Firefox web browser

Published on: 2/10/2014

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security 
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2858-1                   security@debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
February 10, 2014                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iceweasel
Vulnerability  : several
CVE ID         : CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 
                 CVE-2014-1486 CVE-2014-1487 CVE-2014-1490 CVE-2014-1491

Multiple security issues have been found in Iceweasel, Debian's version
of the Mozilla Firefox web browser: Multiple memory safety errors, 
use-after-frees, too-verbose error messages and missing permission checks
may lead to the execution of arbitrary code, the bypass of security 
checks or information disclosure. This update also addresses security 
issues in the bundled version of the NSS crypto library.

This update updates Iceweasel to the ESR24 series of Firefox.

For the stable distribution (wheezy), these problems have been fixed in
version 24.3.0esr-1~deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 24.3.0esr-1.

We recommend that you upgrade your iceweasel packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----


Vulnerabilities in International Components for Unicode allow attackers to cause Denial of Service Attack

Two vulnerabilities in International Components for Unicode might allow remote attackers to cause a Denial of Service condition.
Read More

New Snapchat Flaw Can DoS and Spam iOS and Android

A security researcher has discovered a new flaw in Snapchat that allows users to deliver a denial of service attack against individual iOS or Android users, or alternatively more easily deliver spam to a large number of users. It is the latest in a series of problems experienced by Snapchat over the last few months.
Read More