English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 72022 CVE Beschreibungen
und 38680 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.61195
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2008:0547
Zusammenfassung:Redhat Security Advisory RHSA-2008:0547
Beschreibung:
The remote host is missing updates announced in
advisory RHSA-2008:0547.

SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

Multiple flaws were found in the processing of malformed JavaScript
content. A web page containing such malicious content could cause SeaMonkey
to crash or, potentially, execute arbitrary code as the user running
SeaMonkey. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code as the user running SeaMonkey.
(CVE-2008-2798, CVE-2008-2799, CVE-2008-2811)

Several flaws were found in the way malformed web content was displayed. A
web page containing specially-crafted content could potentially trick a
SeaMonkey user into surrendering sensitive information. (CVE-2008-2800)

Two local file disclosure flaws were found in SeaMonkey. A web page
containing malicious content could cause SeaMonkey to reveal the contents
of a local file to a remote attacker. (CVE-2008-2805, CVE-2008-2810)

A flaw was found in the way a malformed .properties file was processed by
SeaMonkey. A malicious extension could read uninitialized memory, possibly
leaking sensitive data to the extension. (CVE-2008-2807)

A flaw was found in the way SeaMonkey escaped a listing of local file
names. If a user could be tricked into listing a local directory containing
malicious file names, arbitrary JavaScript could be run with the
permissions of the user running SeaMonkey. (CVE-2008-2808)

A flaw was found in the way SeaMonkey displayed information about
self-signed certificates. It was possible for a self-signed certificate to
contain multiple alternate name entries, which were not all displayed to
the user, allowing them to mistakenly extend trust to an unknown site.
(CVE-2008-2809)

All SeaMonkey users should upgrade to these updated packages, which contain
backported patches to resolve these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2008-0547.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical
Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2008-2798
Bugtraq: 20080708 rPSA-2008-0216-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/archive/1/494080/100/0/threaded
Debian Security Information: DSA-1607 (Google Search)
http://www.debian.org/security/2008/dsa-1607
Debian Security Information: DSA-1615 (Google Search)
http://www.debian.org/security/2008/dsa-1615
Debian Security Information: DSA-1621 (Google Search)
http://www.debian.org/security/2008/dsa-1621
Debian Security Information: DSA-1697 (Google Search)
http://www.debian.org/security/2009/dsa-1697
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00207.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00288.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00295.html
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00144.html
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00125.html
http://security.gentoo.org/glsa/glsa-200808-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:136
http://www.mandriva.com/security/advisories?name=MDVSA-2008:155
http://www.redhat.com/support/errata/RHSA-2008-0547.html
http://www.redhat.com/support/errata/RHSA-2008-0549.html
http://www.redhat.com/support/errata/RHSA-2008-0569.html
RedHat Security Advisories: RHSA-2008:0616
http://rhn.redhat.com/errata/RHSA-2008-0616.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.383152
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.410484
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.384911
SuSE Security Announcement: SUSE-SA:2008:034 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html
http://www.ubuntu.com/usn/usn-619-1
http://www.ubuntu.com/usn/usn-629-1
BugTraq ID: 30038
http://www.securityfocus.com/bid/30038
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10087
http://secunia.com/advisories/31076
http://www.vupen.com/english/advisories/2008/1993/references
http://www.securitytracker.com/id?1020419
http://secunia.com/advisories/30911
http://secunia.com/advisories/30915
http://secunia.com/advisories/30878
http://secunia.com/advisories/30898
http://secunia.com/advisories/30903
http://secunia.com/advisories/30949
http://secunia.com/advisories/31005
http://secunia.com/advisories/31008
http://secunia.com/advisories/31069
http://secunia.com/advisories/31023
http://secunia.com/advisories/31183
http://secunia.com/advisories/31195
http://secunia.com/advisories/31220
http://secunia.com/advisories/31253
http://secunia.com/advisories/31377
http://secunia.com/advisories/31286
http://secunia.com/advisories/31403
http://secunia.com/advisories/31021
http://secunia.com/advisories/33433
Common Vulnerability Exposure (CVE) ID: CVE-2008-2799
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10743
Common Vulnerability Exposure (CVE) ID: CVE-2008-2800
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9386
http://secunia.com/advisories/34501
http://www.vupen.com/english/advisories/2009/0977
Common Vulnerability Exposure (CVE) ID: CVE-2008-2801
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11810
Common Vulnerability Exposure (CVE) ID: CVE-2008-2802
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11121
Common Vulnerability Exposure (CVE) ID: CVE-2008-2803
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10747
Common Vulnerability Exposure (CVE) ID: CVE-2008-2805
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10143
Common Vulnerability Exposure (CVE) ID: CVE-2008-2807
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9432
XForce ISS Database: firefox-propertiesfile-info-disclosure(50656)
http://xforce.iss.net/xforce/xfdb/50656
Common Vulnerability Exposure (CVE) ID: CVE-2008-2808
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9668
Common Vulnerability Exposure (CVE) ID: CVE-2008-2809
Bugtraq: 20071118 Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/483929/100/100/threaded
Bugtraq: 20071118 RE: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/483960/100/100/threaded
Bugtraq: 20071118 Re: Certificate spoofing issue with Mozilla, Konqueror, Safari 2 (Google Search)
http://www.securityfocus.com/archive/1/archive/1/483937/100/100/threaded
http://nils.toedtmann.net/pub/subjectAltName.txt
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10205
http://securitytracker.com/id?1018979
http://securityreason.com/securityalert/3498
XForce ISS Database: mozilla-altnames-spoofing(43524)
http://xforce.iss.net/xforce/xfdb/43524
Common Vulnerability Exposure (CVE) ID: CVE-2008-2810
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9593
Common Vulnerability Exposure (CVE) ID: CVE-2008-2811
CERT/CC vulnerability note: VU#607267
http://www.kb.cert.org/vuls/id/607267
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9865
CopyrightCopyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 38680 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde | Whois

© 1998-2014 E-Soft Inc. Alle Rechte vorbehalten.