English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.880951
Categoría:CentOS Local Security Checks
Título:CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386
Resumen:The remote host is missing an update for the 'seamonkey'; package(s) announced via the referenced advisory.
Descripción:Summary:
The remote host is missing an update for the 'seamonkey'
package(s) announced via the referenced advisory.

Vulnerability Insight:
SeaMonkey is an open source Web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code as the user running SeaMonkey.
(CVE-2009-1303, CVE-2009-1305)

Several flaws were found in the way malformed web content was processed. A
web page containing malicious content could execute arbitrary JavaScript in
the context of the site, possibly presenting misleading data to a user, or
stealing sensitive information such as login credentials. (CVE-2009-0652,
CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312)

A flaw was found in the way SeaMonkey saved certain web pages to a local
file. If a user saved the inner frame of a web page containing POST data,
the POST data could be revealed to the inner frame, possibly surrendering
sensitive information such as login credentials. (CVE-2009-1311)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

Affected Software/OS:
seamonkey on CentOS 2

Solution:
Please install the updated packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2009-0652
BugTraq ID: 33837
http://www.securityfocus.com/bid/33837
Debian Security Information: DSA-1797 (Google Search)
http://www.debian.org/security/2009/dsa-1797
Debian Security Information: DSA-1830 (Google Search)
http://www.debian.org/security/2009/dsa-1830
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00683.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:111
http://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike
https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
http://lists.immunitysec.com/pipermail/dailydave/2009-February/005556.html
http://lists.immunitysec.com/pipermail/dailydave/2009-February/005563.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11396
http://www.redhat.com/support/errata/RHSA-2009-0436.html
RedHat Security Advisories: RHSA-2009:0437
http://rhn.redhat.com/errata/RHSA-2009-0437.html
http://secunia.com/advisories/34096
http://secunia.com/advisories/34843
http://secunia.com/advisories/34844
http://secunia.com/advisories/34894
http://secunia.com/advisories/35042
http://secunia.com/advisories/35065
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
https://usn.ubuntu.com/764-1/
http://www.vupen.com/english/advisories/2009/1125
XForce ISS Database: mozilla-firefox-homoglyph-spoofing(48974)
https://exchange.xforce.ibmcloud.com/vulnerabilities/48974
Common Vulnerability Exposure (CVE) ID: CVE-2009-1303
1022090
http://www.securitytracker.com/id?1022090
264308
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1
34656
http://www.securityfocus.com/bid/34656
34758
http://secunia.com/advisories/34758
34780
http://secunia.com/advisories/34780
34843
34844
34894
35042
35065
35536
http://secunia.com/advisories/35536
35602
http://secunia.com/advisories/35602
ADV-2009-1125
DSA-1797
DSA-1830
FEDORA-2009-3875
MDVSA-2009:111
MDVSA-2009:141
http://www.mandriva.com/security/advisories?name=MDVSA-2009:141
RHSA-2009:0436
RHSA-2009:0437
RHSA-2009:1125
http://www.redhat.com/support/errata/RHSA-2009-1125.html
RHSA-2009:1126
http://www.redhat.com/support/errata/RHSA-2009-1126.html
SSA:2009-178-01
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275
SUSE-SR:2009:010
USN-764-1
USN-782-1
http://www.ubuntu.com/usn/usn-782-1
http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
https://bugzilla.mozilla.org/show_bug.cgi?id=453736
oval:org.mitre.oval:def:5810
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5810
oval:org.mitre.oval:def:5992
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5992
oval:org.mitre.oval:def:6151
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6151
oval:org.mitre.oval:def:6646
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6646
oval:org.mitre.oval:def:9455
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9455
Common Vulnerability Exposure (CVE) ID: CVE-2009-1305
https://bugzilla.mozilla.org/show_bug.cgi?id=476049
oval:org.mitre.oval:def:10110
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10110
oval:org.mitre.oval:def:6090
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6090
oval:org.mitre.oval:def:6232
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6232
oval:org.mitre.oval:def:6248
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6248
oval:org.mitre.oval:def:6921
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6921
Common Vulnerability Exposure (CVE) ID: CVE-2009-1306
1022095
http://www.securitytracker.com/id?1022095
http://www.mozilla.org/security/announce/2009/mfsa2009-16.html
https://bugzilla.mozilla.org/show_bug.cgi?id=474536
oval:org.mitre.oval:def:10150
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10150
oval:org.mitre.oval:def:6021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6021
oval:org.mitre.oval:def:6194
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6194
oval:org.mitre.oval:def:6312
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6312
oval:org.mitre.oval:def:6710
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6710
Common Vulnerability Exposure (CVE) ID: CVE-2009-1307
1022093
http://www.securitytracker.com/id?1022093
35561
http://secunia.com/advisories/35561
35882
http://secunia.com/advisories/35882
FEDORA-2009-7567
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html
FEDORA-2009-7614
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html
SSA:2009-176-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408
http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
https://bugzilla.mozilla.org/show_bug.cgi?id=481342
oval:org.mitre.oval:def:10972
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10972
oval:org.mitre.oval:def:5933
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5933
oval:org.mitre.oval:def:6154
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6154
oval:org.mitre.oval:def:6266
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6266
oval:org.mitre.oval:def:7008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7008
Common Vulnerability Exposure (CVE) ID: CVE-2009-1309
1022094
http://www.securitytracker.com/id?1022094
http://www.mozilla.org/security/announce/2009/mfsa2009-19.html
https://bugzilla.mozilla.org/show_bug.cgi?id=478433
https://bugzilla.mozilla.org/show_bug.cgi?id=482206
oval:org.mitre.oval:def:5265
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5265
oval:org.mitre.oval:def:5591
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5591
oval:org.mitre.oval:def:6139
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6139
oval:org.mitre.oval:def:6831
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6831
oval:org.mitre.oval:def:9494
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9494
Common Vulnerability Exposure (CVE) ID: CVE-2009-1311
1022097
http://www.securitytracker.com/id?1022097
http://www.mozilla.org/security/announce/2009/mfsa2009-21.html
https://bugzilla.mozilla.org/show_bug.cgi?id=471962
oval:org.mitre.oval:def:10939
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10939
oval:org.mitre.oval:def:6200
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6200
oval:org.mitre.oval:def:6222
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6222
oval:org.mitre.oval:def:7235
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7235
Common Vulnerability Exposure (CVE) ID: CVE-2009-1312
1022096
http://www.securitytracker.com/id?1022096
20090702 Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
http://www.securityfocus.com/archive/1/504718/100/0/threaded
20090703 Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome
http://www.securityfocus.com/archive/1/504723/100/0/threaded
http://ha.ckers.org/blog/20070309/firefox-header-redirection-javascript-execution/
http://websecurity.com.ua/3275/
http://websecurity.com.ua/3386/
http://www.mozilla.org/security/announce/2009/mfsa2009-22.html
https://bugzilla.mozilla.org/show_bug.cgi?id=475636
oval:org.mitre.oval:def:6064
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6064
oval:org.mitre.oval:def:6131
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6131
oval:org.mitre.oval:def:6731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6731
oval:org.mitre.oval:def:9818
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9818
CopyrightCopyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.