This script is Copyright (C) 2008-2017 Tenable Network Security, Inc.
A web browser on the remote host is affected by multiple
The installed version of SeaMonkey is affected by various security
privilege escalation and arbitrary code execution.
- Several stability bugs leading to crashes which, in
some cases, show traces of memory corruption.
- An HTTP Referer spoofing issue with malformed URLs.
- A privacy issue with SSL client authentication.
- Web content fetched via the 'jar:' protocol can use
Java via LiveConnect to open socket connections to
arbitrary ports on the localhost.
- It is possible to have a background tab create a
border-less XUL pop-up in front of the active tab
in the user's browser.
See also :
Upgrade to SeaMonkey 1.1.9 or later.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Nessus Plugin ID: 31653 ()
Bugtraq ID: 28448
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now