Fedora 7 : seamonkey-1.1.5-1.fc7 (2007-2601)
High Nessus Plugin ID 27780
SynopsisThe remote Fedora host is missing a security update.
DescriptionSeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.
By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334).
Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340).
Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292).
The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337).
Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected seamonkey and / or seamonkey-debuginfo packages.