This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote Fedora host is missing a security update.
Updated seamonkey packages that fix several security issues are now
available for Fedora 8 and Fedora 9. This update has been rated as
having critical security impact by the Red Hat Security Response Team.
SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor. Several flaws were found in
the processing of malformed web content. A web page containing
malicious content could cause SeaMonkey to crash or, potentially,
execute arbitrary code as the user running SeaMonkey. (CVE-2008-0016,
CVE-2008-4058, CVE-2008-4059, CVE-2008-4060, CVE-2008-4061,
CVE-2008-4062) Several flaws were found in the way malformed web
content was displayed. A web page containing specially crafted content
could potentially trick a SeaMonkey user into surrendering sensitive
information. (CVE-2008-3835, CVE-2008-4067, CVE-2008-4068,
CVE-2008-4069) A flaw was found in the way SeaMonkey handles mouse
could move the content window while a mouse-button was pressed,
causing any item under the pointer to be dragged. This could,
potentially, cause the user to perform an unsafe drag-and-drop action.
(CVE-2008-3837) A flaw was found in SeaMonkey that caused certain
(CVE-2008-4065, CVE-2008-4066) All SeaMonkey users should upgrade to
these updated packages, which contain patches to resolve these issues.
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected seamonkey package.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true
Family: Fedora Local Security Checks
Nessus Plugin ID: 34309 (fedora_2008-8429.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now