English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.58680
Categoría:Red Hat Local Security Checks
Título:RedHat Security Advisory RHSA-2007:0980
Resumen:NOSUMMARY
Descripción:Description:

The remote host is missing updates announced in
advisory RHSA-2007:0980.

SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

Several flaws were found in the way in which SeaMonkey processed certain
malformed web content. A web page containing malicious content could cause
SeaMonkey to crash or potentially execute arbitrary code as the user
running SeaMonkey. (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)

Several flaws were found in the way in which SeaMonkey displayed malformed
web content. A web page containing specially-crafted content could
potentially trick a user into surrendering sensitive information.
(CVE-2007-1095, CVE-2007-3844, CVE-2007-3511, CVE-2007-5334)

A flaw was found in the SeaMonkey sftp protocol handler. A malicious web
page could access data from a remote sftp site, possibly stealing sensitive
user data. (CVE-2007-5337)

A request-splitting flaw was found in the way in which SeaMonkey generates
a digest authentication request. If a user opened a specially-crafted URL,
it was possible to perform cross-site scripting attacks, web cache
poisoning, or other, similar exploits. (CVE-2007-2292)

Users of SeaMonkey are advised to upgrade to these erratum packages, which
contain backported patches that correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0980.html
http://www.redhat.com/security/updates/classification/#critical

Risk factor : Critical

CVSS Score:
9.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1095
BugTraq ID: 22688
http://www.securityfocus.com/bid/22688
Bugtraq: 20070223 Firefox: onUnload tailgating (MSIE7 entrapment bug variant) (Google Search)
http://www.securityfocus.com/archive/1/461007/100/0/threaded
Bugtraq: 20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) (Google Search)
http://www.securityfocus.com/archive/1/461023/100/0/threaded
Bugtraq: 20071026 rPSA-2007-0225-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/482876/100/200/threaded
Bugtraq: 20071029 FLEA-2007-0062-1 firefox (Google Search)
http://www.securityfocus.com/archive/1/482925/100/0/threaded
Bugtraq: 20071029 rPSA-2007-0225-2 firefox thunderbird (Google Search)
http://www.securityfocus.com/archive/1/482932/100/200/threaded
Debian Security Information: DSA-1392 (Google Search)
http://www.debian.org/security/2007/dsa-1392
Debian Security Information: DSA-1396 (Google Search)
http://www.debian.org/security/2007/dsa-1396
Debian Security Information: DSA-1401 (Google Search)
http://www.debian.org/security/2007/dsa-1401
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00285.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00355.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00498.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052630.html
http://www.gentoo.org/security/en/glsa/glsa-200711-14.xml
HPdes Security Advisory: HPSBUX02153
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742
HPdes Security Advisory: SSRT061181
http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:202
http://lcamtuf.coredump.cx/ietrap/ff/
https://bugzilla.mozilla.org/show_bug.cgi?id=371360
http://osvdb.org/33809
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11665
http://www.redhat.com/support/errata/RHSA-2007-0979.html
http://www.redhat.com/support/errata/RHSA-2007-0980.html
http://www.redhat.com/support/errata/RHSA-2007-0981.html
http://securitytracker.com/id?1018837
http://secunia.com/advisories/27276
http://secunia.com/advisories/27298
http://secunia.com/advisories/27311
http://secunia.com/advisories/27315
http://secunia.com/advisories/27325
http://secunia.com/advisories/27327
http://secunia.com/advisories/27335
http://secunia.com/advisories/27336
http://secunia.com/advisories/27356
http://secunia.com/advisories/27360
http://secunia.com/advisories/27383
http://secunia.com/advisories/27387
http://secunia.com/advisories/27403
http://secunia.com/advisories/27414
http://secunia.com/advisories/27425
http://secunia.com/advisories/27480
http://secunia.com/advisories/27665
http://secunia.com/advisories/27680
http://secunia.com/advisories/28398
http://securityreason.com/securityalert/2310
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1
SuSE Security Announcement: SUSE-SA:2007:057 (Google Search)
http://www.novell.com/linux/security/advisories/2007_57_mozilla.html
https://usn.ubuntu.com/535-1/
http://www.ubuntu.com/usn/usn-536-1
http://www.vupen.com/english/advisories/2007/3544
http://www.vupen.com/english/advisories/2007/3587
http://www.vupen.com/english/advisories/2008/0083
XForce ISS Database: ie-mozilla-onunload-dos(32647)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32647
XForce ISS Database: ie-mozilla-onunload-url-spoofing(32649)
https://exchange.xforce.ibmcloud.com/vulnerabilities/32649
Common Vulnerability Exposure (CVE) ID: CVE-2007-2292
BugTraq ID: 23668
http://www.securityfocus.com/bid/23668
Bugtraq: 20070425 IE 7 and Firefox Browsers Digest Authentication Request Splitting (Google Search)
http://www.securityfocus.com/archive/1/466906/100/0/threaded
http://www.wisec.it/vulns.php?id=11
https://bugzilla.mozilla.org/show_bug.cgi?id=378787
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10195
http://www.securitytracker.com/id?1017968
http://securityreason.com/securityalert/2654
XForce ISS Database: firefox-lf-response-splitting(33981)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33981
Common Vulnerability Exposure (CVE) ID: CVE-2007-3511
BugTraq ID: 24725
http://www.securityfocus.com/bid/24725
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0646.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0658.html
http://sla.ckers.org/forum/read.php?3,13142
http://yathong.googlepages.com/FirefoxFocusBug.html
http://osvdb.org/37994
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9763
http://secunia.com/advisories/25904
XForce ISS Database: firefox-focus-security-bypass(35299)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35299
Common Vulnerability Exposure (CVE) ID: CVE-2007-3844
1018479
http://securitytracker.com/id?1018479
1018480
http://securitytracker.com/id?1018480
1018481
http://securitytracker.com/id?1018481
103177
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1
20070801 FLEA-2007-0039-1 firefox
http://www.securityfocus.com/archive/1/475265/100/200/threaded
20070803 FLEA-2007-0040-1 thunderbird
http://www.securityfocus.com/archive/1/475450/30/5550/threaded
201516
25142
http://www.securityfocus.com/bid/25142
26234
http://secunia.com/advisories/26234
26258
http://secunia.com/advisories/26258
26288
http://secunia.com/advisories/26288
26303
http://secunia.com/advisories/26303
26309
http://secunia.com/advisories/26309
26331
http://secunia.com/advisories/26331
26335
http://secunia.com/advisories/26335
26393
http://secunia.com/advisories/26393
26460
http://secunia.com/advisories/26460
26572
http://secunia.com/advisories/26572
27276
27298
27325
27326
http://secunia.com/advisories/27326
27327
27356
27414
27680
28135
http://secunia.com/advisories/28135
28363
http://secunia.com/advisories/28363
ADV-2007-3587
ADV-2007-4256
http://www.vupen.com/english/advisories/2007/4256
ADV-2008-0082
http://www.vupen.com/english/advisories/2008/0082
DSA-1344
http://www.debian.org/security/2007/dsa-1344
DSA-1345
http://www.debian.org/security/2007/dsa-1345
DSA-1346
http://www.debian.org/security/2007/dsa-1346
DSA-1391
http://www.debian.org/security/2007/dsa-1391
FEDORA-2007-2601
FEDORA-2007-3431
GLSA-200708-09
http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml
HPSBUX02153
HPSBUX02156
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00774579
MDKSA-2007:152
http://www.mandriva.com/security/advisories?name=MDKSA-2007:152
MDVSA-2007:047
http://www.mandriva.com/security/advisories?name=MDVSA-2007:047
MDVSA-2008:047
http://www.mandriva.com/security/advisories?name=MDVSA-2008:047
RHSA-2007:0979
RHSA-2007:0980
RHSA-2007:0981
SSA:2007-213-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.010101
SSRT061181
SSRT061236
SUSE-SA:2007:057
USN-493-1
http://www.ubuntu.com/usn/usn-493-1
USN-503-1
http://www.ubuntu.com/usn/usn-503-1
http://bugzilla.mozilla.org/show_bug.cgi?id=388121
http://support.novell.com/techcenter/psdb/60eb95b75c76f9fbfcc9a89f99cd8f79.html
http://www.mozilla.org/security/announce/2007/mfsa2007-26.html
https://issues.rpath.com/browse/RPL-1600
oval:org.mitre.oval:def:9493
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9493
Common Vulnerability Exposure (CVE) ID: CVE-2007-5334
1018837
20071026 rPSA-2007-0225-1 firefox
20071029 FLEA-2007-0062-1 firefox
20071029 rPSA-2007-0225-2 firefox thunderbird
26132
http://www.securityfocus.com/bid/26132
27311
27315
27335
27336
27360
27383
27387
27403
27425
27480
27665
28398
ADV-2007-3544
ADV-2008-0083
DSA-1392
DSA-1396
DSA-1401
FEDORA-2007-2664
GLSA-200711-14
MDKSA-2007:202
USN-535-1
USN-536-1
VU#349217
http://www.kb.cert.org/vuls/id/349217
http://www.mozilla.org/security/announce/2007/mfsa2007-33.html
https://bugzilla.mozilla.org/show_bug.cgi?id=391043
https://issues.rpath.com/browse/RPL-1858
mozilla-xul-page-spoofing(37286)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37286
oval:org.mitre.oval:def:11482
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11482
Common Vulnerability Exposure (CVE) ID: CVE-2007-5337
http://www.mozilla.org/security/announce/2007/mfsa2007-34.html
https://bugzilla.mozilla.org/show_bug.cgi?id=381146
mozilla-sftp-file-access(37287)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37287
oval:org.mitre.oval:def:11443
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11443
Common Vulnerability Exposure (CVE) ID: CVE-2007-5338
1018836
http://securitytracker.com/id?1018836
http://www.mozilla.org/security/announce/2007/mfsa2007-35.html
mozilla-xpcnativewrapper-code-execution(37288)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37288
oval:org.mitre.oval:def:10965
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10965
Common Vulnerability Exposure (CVE) ID: CVE-2007-5339
1018834
http://securitytracker.com/id?1018834
1018835
http://securitytracker.com/id?1018835
1018977
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1018977.1-1
231441
http://sunsolve.sun.com/search/document.do?assetkey=1-26-231441-1
27313
http://secunia.com/advisories/27313
27704
http://secunia.com/advisories/27704
27744
http://secunia.com/advisories/27744
28179
http://secunia.com/advisories/28179
28636
http://secunia.com/advisories/28636
ADV-2007-3545
http://www.vupen.com/english/advisories/2007/3545
ADV-2007-4272
http://www.vupen.com/english/advisories/2007/4272
ADV-2008-0643
http://www.vupen.com/english/advisories/2008/0643
GLSA-200711-24
http://security.gentoo.org/glsa/glsa-200711-24.xml
SSA:2007-324-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.471007
SUSE-SR:2008:002
http://www.novell.com/linux/security/advisories/suse_security_summary_report.html
VU#559977
http://www.kb.cert.org/vuls/id/559977
http://bugs.gentoo.org/show_bug.cgi?id=196481
http://www.mozilla.org/security/announce/2007/mfsa2007-29.html
https://bugzilla.mozilla.org/buglist.cgi?bug_id=309322%2C330563%2C341858%2C344064%2C348126%2C354645%2C361745%2C362901%2C378670%2C378682%2C379799%2C382376%2C384105%2C386382%2C386914%2C387033%2C387460%2C387844%2C391974%2C392285%2C393770%2C394014%2C394418
https://issues.rpath.com/browse/RPL-1884
mozilla-multiple-browser-code-execution(37281)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37281
oval:org.mitre.oval:def:10459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10459
Common Vulnerability Exposure (CVE) ID: CVE-2007-5340
VU#755513
http://www.kb.cert.org/vuls/id/755513
https://bugzilla.mozilla.org/buglist.cgi?bug_id=372309%2C387955%2C390078%2C393537
mozilla-multiple-java-code-execution(37282)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37282
oval:org.mitre.oval:def:9622
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9622
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.