openSUSE Security Update : seamonkey (openSUSE-SU-2011:0957-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Mozilla SeaMonkey suite was updated to version 2.3.

The update fixes bugs and security issues. Following security issues
were fixed:
http://www.mozilla.org/security/announce/2011/mfsa2011-33.html Mozilla
Foundation Security Advisory 2011-33 (MFSA 2011-33) Mozilla Foundation
Security Advisory 2011-33

- Miscellaneous memory safety hazards (rv:4.0) Mozilla
identified and fixed several memory safety bugs in the
browser engine used in SeaMonkey 2.2 and other
Mozilla-based products. Some of these bugs showed
evidence of memory corruption under certain
circumstances, and we presume that with enough effort at
least some of these could be exploited to run arbitrary
code.

Aral Yaman reported a WebGL crash which affected
SeaMonkey 2.2. (CVE-2011-2989)

Vivekanand Bolajwar reported a JavaScript crash which
affected SeaMonkey 2.2. (CVE-2011-2991)

Bert Hubert and Theo Snelleman of Fox-IT reported a
crash in the Ogg reader which affected SeaMonkey 2.2.
(CVE-2011-2992)

Mozilla developers and community members Robert Kaiser,
Jesse Ruderman, moz_bug_r_a4, Mardeg, Gary Kwong,
Christoph Diehl, Martijn Wargers, Travis Emmitt, Bob
Clary and Jonathan Watt reported memory safety issues
which affected SeaMonkey 2.2. (CVE-2011-2985)

- Unsigned scripts can call script inside signed JAR

Rafael Gieschke reported that unsigned JavaScript could
call into script inside a signed JAR thereby inheriting
the identity of the site that signed the JAR as well as
any permissions that a user had granted the signed JAR.
(CVE-2011-2993)

- String crash using WebGL shaders

Michael Jordon of Context IS reported that an overly
long shader program could cause a buffer overrun and
crash in a string class used to store the shader source
code. (CVE-2011-2988)

- Heap overflow in ANGLE library

Michael Jordon of Context IS reported a potentially
exploitable heap overflow in the ANGLE library used by
Mozilla's WebGL implementation. (CVE-2011-2987)

- Crash in SVGTextElement.getCharNumAtPosition()

Security researcher regenrecht reported via
TippingPoint's Zero Day Initiative that a SVG text
manipulation routine contained a dangling pointer
vulnerability. (CVE-2011-0084)

- Credential leakage using Content Security Policy reports

Mike Cardwell reported that Content Security Policy
violation reports failed to strip out proxy
authorization credentials from the list of request
headers. Daniel Veditz reported that redirecting to a
website with Content Security Policy resulted in the
incorrect resolution of hosts in the constructed policy.
(CVE-2011-2990)

- Cross-origin data theft using canvas and Windows D2D

nasalislarvatus3000 reported that when using Windows D2D
hardware acceleration, image data from one domain could
be inserted into a canvas and read by a different
domain. (CVE-2011-2986)

See also :

http://lists.opensuse.org/opensuse-updates/2011-08/msg00039.html
http://www.mozilla.org/security/announce/2011/mfsa2011-33.html
https://bugzilla.novell.com/show_bug.cgi?id=712224

Solution :

Update the affected seamonkey packages.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now