openSUSE 10 Security Update : seamonkey (seamonkey-6310)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The Mozilla SeaMonkey browser suite was updated to version 1.1.16,
fixing various bugs and security issues :

- Security update to 1.1.16

- MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and
remote code execution in XSL transformation

- MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with
evidence of memory corruption (rv:1.9.0.9)

- Security update to 1.1.15

- MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing
character

- MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
CVE-2009-0774: Crashes with evidence of memory
corruption (rv:1.9.0.7)

- MFSA 2009-09/CVE-2009-0776: XML data theft via
RDFXMLDataSource and cross-domain redirect

- MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix
memory safety hazards

- MFSA 2009-01/CVE-2009-0352 Crashes with evidence of
memory corruption (rv:1.9.0.6)

- MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading
HTTPOnly cookies

Please note that the java openjdk plugin might not work after
installing this update.

Solution :

Update the affected seamonkey packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now