icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Mozilla SeaMonkey 2.x <= 2.13 Multiple Vulnerabilities

High

Synopsis

The remote host has a web browser installed that is vulnerable to multiple vulnerabilities.

Description

Versions of SeaMonkey 2.13.x are potentially affected by the following security issues :

- Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. (CVE-2012-5842, CVE-2012-5843)

- An error exists in the method 'image::RasterImage::DrawFrameTo' related to GIF images that could allow a heap-based buffer overflow leading to arbitrary code execution. (CVE-2012-4202)

- An error exists related to SVG text and CSS properties that could lead to application crashes. (CVE-2012-5836)

- The JavaScript function 'str_unescape' could allow arbitrary code execution. (CVE-2012-4204)

- 'XMLHttpRequest' objects inherit incorrect principals when created in sandboxes that could allow cross-site request forgery attacks (XSRF). (CVE-2012-4205)

- 'XrayWrappers' can expose DOM properties that are not meant to be accessible outside of the chrome compartment. (CVE-2012-4208)

- Errors exist related to 'evalInSandbox', 'HZ-GB-2312' charset, frames and the 'location' object, and 'cross-origin wrappers' that can allow cross-site scripting (XSS) attacks. (CVE-2012-4201, CVE-2012-4207, CVE-2012-4209, CVE-2012-5841)

- Various use-after-free, out-of-bounds read and buffer overflow errors exist that could potentially lead to arbitrary code execution. (CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840)

Solution

Upgrade to SeaMonkey 2.14 or later.