| Summary: | The remote host is missing updates announced in;advisory RHSA-2009:1531.;;SeaMonkey is an open source Web browser, email and newsgroup client, IRC;chat client, and HTML editor.;;A flaw was found in the way SeaMonkey creates temporary file names for;downloaded files. If a local attacker knows the name of a file SeaMonkey is;going to download, they can replace the contents of that file with;arbitrary contents. (CVE-2009-3274);;A heap-based buffer overflow flaw was found in the SeaMonkey string to;floating point conversion routines. A web page containing malicious;JavaScript could crash SeaMonkey or, potentially, execute arbitrary code;with the privileges of the user running SeaMonkey. (CVE-2009-1563);;A flaw was found in the way SeaMonkey handles text selection. A malicious;website may be able to read highlighted text in a different domain (e.g.;another website the user is viewing), bypassing the same-origin policy.;(CVE-2009-3375);;A flaw was found in the way SeaMonkey displays a right-to-left override;character when downloading a file. In these cases, the name displayed in;the title bar differs from the name displayed in the dialog body. An;attacker could use this flaw to trick a user into downloading a file that;has a file name or extension that differs from what the user expected.;(CVE-2009-3376);;Several flaws were found in the processing of malformed web content. A web;page containing malicious content could cause SeaMonkey to crash or,;potentially, execute arbitrary code with the privileges of the user running;SeaMonkey. (CVE-2009-3380);;All SeaMonkey users should upgrade to these updated packages, which correct;these issues. After installing the update, SeaMonkey must be restarted for;the changes to take effect. |
| Description: | Summary:
The remote host is missing updates announced in
advisory RHSA-2009:1531.
SeaMonkey is an open source Web browser, email and newsgroup client, IRC
chat client, and HTML editor.
A flaw was found in the way SeaMonkey creates temporary file names for
downloaded files. If a local attacker knows the name of a file SeaMonkey is
going to download, they can replace the contents of that file with
arbitrary contents. (CVE-2009-3274)
A heap-based buffer overflow flaw was found in the SeaMonkey string to
floating point conversion routines. A web page containing malicious
JavaScript could crash SeaMonkey or, potentially, execute arbitrary code
with the privileges of the user running SeaMonkey. (CVE-2009-1563)
A flaw was found in the way SeaMonkey handles text selection. A malicious
website may be able to read highlighted text in a different domain (e.g.
another website the user is viewing), bypassing the same-origin policy.
(CVE-2009-3375)
A flaw was found in the way SeaMonkey displays a right-to-left override
character when downloading a file. In these cases, the name displayed in
the title bar differs from the name displayed in the dialog body. An
attacker could use this flaw to trick a user into downloading a file that
has a file name or extension that differs from what the user expected.
(CVE-2009-3376)
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2009-3380)
All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.
Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
