English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 76783 CVE Beschreibungen
und 40246 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.58461
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2007:0722
Zusammenfassung:Redhat Security Advisory RHSA-2007:0722
Beschreibung:
The remote host is missing updates announced in
advisory RHSA-2007:0722.

SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

Several flaws were found in the way SeaMonkey processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause SeaMonkey to crash or potentially execute arbitrary code as the user
running SeaMonkey. (CVE-2007-3734, CVE-2007-3735, CVE-2007-3737, CVE-2007-3738)

Several content injection flaws were found in the way SeaMonkey handled
certain JavaScript code. A web page containing malicious JavaScript code
could inject arbitrary content into other web pages. (CVE-2007-3736,
CVE-2007-3089)

A flaw was found in the way SeaMonkey cached web pages on the local disk. A
malicious web page may be able to inject arbitrary HTML into a browsing
session if the user reloads a targeted site. (CVE-2007-3656)

Users of SeaMonkey are advised to upgrade to these erratum packages, which
contain backported patches that correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0722.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical
Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-3089
Bugtraq: 20070604 Assorted browser vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/archive/1/470446/100/0/threaded
Bugtraq: 20070720 rPSA-2007-0148-1 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/474226/100/0/threaded
Bugtraq: 20070724 FLEA-2007-0033-1: firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/archive/1/474542/100/0/threaded
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0026.html
http://lcamtuf.coredump.cx/ifsnatch/
https://bugzilla.mozilla.org/show_bug.cgi?id=381300
https://bugzilla.mozilla.org/show_bug.cgi?id=382686
Debian Security Information: DSA-1337 (Google Search)
http://www.debian.org/security/2007/dsa-1337
Debian Security Information: DSA-1338 (Google Search)
http://www.debian.org/security/2007/dsa-1338
Debian Security Information: DSA-1339 (Google Search)
http://www.debian.org/security/2007/dsa-1339
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
http://www.redhat.com/support/errata/RHSA-2007-0722.html
http://www.redhat.com/support/errata/RHSA-2007-0723.html
http://www.redhat.com/support/errata/RHSA-2007-0724.html
SGI Security Advisory: 20070701-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:049 (Google Search)
http://www.novell.com/linux/security/advisories/2007_49_mozilla.html
http://www.ubuntu.com/usn/usn-490-1
Cert/CC Advisory: TA07-199A
http://www.us-cert.gov/cas/techalerts/TA07-199A.html
CERT/CC vulnerability note: VU#143297
http://www.kb.cert.org/vuls/id/143297
BugTraq ID: 24286
http://www.securityfocus.com/bid/24286
http://osvdb.org/38024
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11122
http://www.vupen.com/english/advisories/2007/2564
http://www.vupen.com/english/advisories/2007/4256
http://www.securitytracker.com/id?1018412
http://secunia.com/advisories/26095
http://secunia.com/advisories/26103
http://secunia.com/advisories/26106
http://secunia.com/advisories/26107
http://secunia.com/advisories/25589
http://secunia.com/advisories/26179
http://secunia.com/advisories/26149
http://secunia.com/advisories/26151
http://secunia.com/advisories/26072
http://secunia.com/advisories/26211
http://secunia.com/advisories/26216
http://secunia.com/advisories/26204
http://secunia.com/advisories/26205
http://secunia.com/advisories/26159
http://secunia.com/advisories/26271
http://secunia.com/advisories/26258
http://secunia.com/advisories/26460
http://secunia.com/advisories/28135
http://securityreason.com/securityalert/2781
XForce ISS Database: firefox-iframe-security-bypass(34701)
http://xforce.iss.net/xforce/xfdb/34701
Common Vulnerability Exposure (CVE) ID: CVE-2007-3656
Bugtraq: 20070709 Firefox wyciwyg:// cache zone bypass (Google Search)
http://www.securityfocus.com/archive/1/archive/1/473191/100/0/threaded
http://lcamtuf.coredump.cx/ffcache/
BugTraq ID: 24831
http://www.securityfocus.com/bid/24831
http://osvdb.org/38028
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9105
http://www.securitytracker.com/id?1018411
http://secunia.com/advisories/25990
http://securityreason.com/securityalert/2872
XForce ISS Database: mozilla-wyciwyg-security-bypass(35298)
http://xforce.iss.net/xforce/xfdb/35298
Common Vulnerability Exposure (CVE) ID: CVE-2007-3734
Debian Security Information: DSA-1391 (Google Search)
http://www.debian.org/security/2007/dsa-1391
HPdes Security Advisory: HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
HPdes Security Advisory: SSRT061236
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
http://www.ubuntu.com/usn/usn-503-1
BugTraq ID: 24946
http://www.securityfocus.com/bid/24946
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10108
http://www.vupen.com/english/advisories/2007/2565
http://www.vupen.com/english/advisories/2008/0082
http://www.securitytracker.com/id?1018408
http://secunia.com/advisories/26096
http://secunia.com/advisories/26176
http://secunia.com/advisories/26572
http://secunia.com/advisories/27326
http://secunia.com/advisories/28363
XForce ISS Database: mozilla-browser-engine-code-execution(35458)
http://xforce.iss.net/xforce/xfdb/35458
Common Vulnerability Exposure (CVE) ID: CVE-2007-3735
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11066
XForce ISS Database: mozilla-javascript-eng-code-execution(35459)
http://xforce.iss.net/xforce/xfdb/35459
Common Vulnerability Exposure (CVE) ID: CVE-2007-3736
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11749
http://www.securitytracker.com/id?1018410
XForce ISS Database: mozilla-addeventlistener-settimeout-xss(35462)
http://xforce.iss.net/xforce/xfdb/35462
Common Vulnerability Exposure (CVE) ID: CVE-2007-3737
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10009
http://www.securitytracker.com/id?1018409
XForce ISS Database: firefox-eventhandler-code-execution(35461)
http://xforce.iss.net/xforce/xfdb/35461
Common Vulnerability Exposure (CVE) ID: CVE-2007-3738
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9875
http://www.securitytracker.com/id?1018414
XForce ISS Database: firefox-xpcnativewrapper-code-execution(35460)
http://xforce.iss.net/xforce/xfdb/35460
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 40246 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Developer APIs | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde | Whois

© 1998-2014 E-Soft Inc. Alle Rechte vorbehalten.