| Resumen: | The remote host is missing updates announced in;advisory RHSA-2009:1096.;;SeaMonkey is an open source Web browser, email and newsgroup client, IRC;chat client, and HTML editor.;;Several flaws were found in the processing of malformed web content. A web;page containing malicious content could cause SeaMonkey to crash or,;potentially, execute arbitrary code as the user running SeaMonkey.;(CVE-2009-1392, CVE-2009-1833, CVE-2009-1838, CVE-2009-1841);;A flaw was found in the processing of malformed, local file content. If a;user loaded malicious, local content via the file:// URL, it was possible;for that content to access other local data. (CVE-2009-1835);;All SeaMonkey users should upgrade to these updated packages, which correct;these issues. After installing the update, SeaMonkey must be restarted for;the changes to take effect. |
| Descripción: | Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1096.
SeaMonkey is an open source Web browser, email and newsgroup client, IRC
chat client, and HTML editor.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code as the user running SeaMonkey.
(CVE-2009-1392, CVE-2009-1833, CVE-2009-1838, CVE-2009-1841)
A flaw was found in the processing of malformed, local file content. If a
user loaded malicious, local content via the file:// URL, it was possible
for that content to access other local data. (CVE-2009-1835)
All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
CVSS Score:
9.3
CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
