ID de Prueba:	1.3.6.1.4.1.25623.1.0.880930
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for seamonkey CESA-2009:0398-01 centos2 i386
Resumen:	The remote host is missing an update for the 'seamonkey'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'seamonkey' package(s) announced via the referenced advisory. Vulnerability Insight: SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A memory corruption flaw was discovered in the way SeaMonkey handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1169) A flaw was discovered in the way SeaMonkey handles certain XUL garbage collection events. A remote attacker could use this flaw to crash SeaMonkey or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1044) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. Affected Software/OS: seamonkey on CentOS 2 Solution: Please install the updated packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1044 BugTraq ID: 34181 http://www.securityfocus.com/bid/34181 Bugtraq: 20090330 ZDI-09-015: Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/502303/100/0/threaded Debian Security Information: DSA-1756 (Google Search) http://www.debian.org/security/2009/dsa-1756 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01023.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01040.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:084 http://blogs.zdnet.com/security/?p=2934 http://blogs.zdnet.com/security/?p=2941 http://cansecwest.com/index.html http://dvlabs.tippingpoint.com/blog/2009/02/25/pwn2own-2009 http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits http://news.cnet.com/8301-1009_3-10199652-83.html http://twitter.com/tippingpoint1/status/1351635812 http://www.h-online.com/security/Pwn2Own-2009-Safari-IE-8-and-Firefox-exploited--/news/112889 http://www.zerodayinitiative.com/advisories/ZDI-09-015 http://osvdb.org/52896 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11368 http://www.redhat.com/support/errata/RHSA-2009-0397.html http://www.redhat.com/support/errata/RHSA-2009-0398.html http://www.securitytracker.com/id?1021878 http://secunia.com/advisories/34471 http://secunia.com/advisories/34505 http://secunia.com/advisories/34510 http://secunia.com/advisories/34511 http://secunia.com/advisories/34521 http://secunia.com/advisories/34527 http://secunia.com/advisories/34549 http://secunia.com/advisories/34550 http://secunia.com/advisories/34792 SuSE Security Announcement: SUSE-SA:2009:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00008.html http://www.ubuntu.com/usn/usn-745-1 http://www.vupen.com/english/advisories/2009/0864 Common Vulnerability Exposure (CVE) ID: CVE-2009-1169 1021939 http://www.securitytracker.com/id?1021939 34235 http://www.securityfocus.com/bid/34235 34471 34486 http://secunia.com/advisories/34486 34505 34510 34511 34521 34527 34549 34550 34792 8285 https://www.exploit-db.com/exploits/8285 ADV-2009-0853 http://www.vupen.com/english/advisories/2009/0853 DSA-1756 FEDORA-2009-3099 FEDORA-2009-3100 FEDORA-2009-3101 MDVSA-2009:084 RHSA-2009:0397 RHSA-2009:0398 SUSE-SA:2009:022 SUSE-SA:2009:023 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html USN-745-1 http://blogs.zdnet.com/security/?p=3013 http://support.avaya.com/elmodocs2/security/ASA-2009-113.htm http://www.mozilla.org/security/announce/2009/mfsa2009-12.html https://bugzilla.mozilla.org/show_bug.cgi?id=460090 https://bugzilla.mozilla.org/show_bug.cgi?id=485217 https://bugzilla.mozilla.org/show_bug.cgi?id=485286 mozilla-xslt-code-execution(49439) https://exchange.xforce.ibmcloud.com/vulnerabilities/49439 oval:org.mitre.oval:def:11372 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11372
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.