icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SeaMonkey < 1.1.9 Multiple Vulnerabilities

High

Synopsis

A web browser on the remote host is affected by multiple vulnerabilities.

Description

The installed version of SeaMonkey is affected by various security issues : - A series of vulnerabilities that allow for JavaScript privilege escalation and arbitrary code execution. - Several stability bugs leading to crashes that, in some cases, show traces of memory corruption. - An HTTP Referer spoofing issue with malformed URLs. - A privacy issue with SSL client authentication. - Web content fetched via the 'jar:' protocol can use Java via LiveConnect to open socket connections to arbitrary ports on the localhost. - It is possible to have a background tab create a borderless XUL pop-up in front of the active tab in the user's browser.

Solution

Upgrade to version 1.1.9 or higher.