| Description: | Description:
The remote host is missing an update to seamonkey
announced via advisory FEDORA-2008-6517.
SeaMonkey is an all-in-one Internet application suite. It includes
a browser, mail/news client, IRC client, JavaScript debugger, and
a tool to inspect the DOM for web pages. It is derived from the
application formerly known as Mozilla Application Suite.
Update Information:
Updated seamonkey packages that fix several security issues are now available
for Fedora 8. An integer overflow flaw was found in the way Seamonkey
displayed certain web content. A malicious web site could cause Seamonkey to
crash, or execute arbitrary code with the permissions of the user running
Seamonkey. (CVE-2008-2785) Updated packages update Seamonkey to upstream
version 1.1.11 to address this flaw: http://www.mozilla.org/security/known-
vulnerabilities/seamonkey11.html#seamonkey1.1.11
ChangeLog:
* Tue Jul 15 2008 Christopher Aillon - 1.1.11-1
- Update to 1.1.11
* Tue Jul 8 2008 Christopher Aillon - 1.1.10-1
- Update to 1.1.10
- Use bullet characters to match GTK+
References:
[ 1 ] Bug #452204 - CVE-2008-2785 mozilla: CSS reference counter overflow (ZDI-CAN-349)
https://bugzilla.redhat.com/show_bug.cgi?id=452204
Solution: Apply the appropriate updates.
This update can be installed with the yum update program. Use
su -c 'yum update seamonkey' at the command line.
For more information, refer to Managing Software with yum,
available at http://docs.fedoraproject.org/yum/.
http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2008-6517
Risk factor : Critical
CVSS Score:
9.3
|
