Debian DSA-3201-1 : iceweasel - security update
High Nessus Plugin ID 81999
SynopsisThe remote Debian host is missing a security-related update.
DescriptionMultiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser. The Common Vulnerabilities and Exposures project identifies the following problems :
- CVE-2015-0818 Mariusz Mlynski discovered a method to run arbitrary scripts in a privileged context. This bypassed the same-origin policy protections by using a flaw in the processing of SVG format content navigation.
SolutionUpgrade the iceweasel packages.
For the stable distribution (wheezy), these problems have been fixed in version 31.5.3esr-1~deb7u1.