openSUSE Security Update : seamonkey (seamonkey-1014)

critical Nessus Plugin ID 40133


The remote openSUSE host is missing a security update.


The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues :

- Security update to 1.1.16

- MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation

- MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:

- Security update to 1.1.15

- MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character

- MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:

- MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect

- MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards

- MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:

- MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies

Please note that the java openjdk plugin might not work after installing this update.


Update the affected seamonkey packages.

See Also

Plugin Details

Severity: Critical

ID: 40133

File Name: suse_11_0_seamonkey-090617.nasl

Version: 1.19

Type: local

Agent: unix

Published: 7/21/2009

Updated: 1/14/2021

Supported Sensors: Nessus Agent

Risk Information


Risk Factor: Medium

Score: 6.7


Risk Factor: Critical

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:seamonkey, p-cpe:/a:novell:opensuse:seamonkey-dom-inspector, p-cpe:/a:novell:opensuse:seamonkey-irc, p-cpe:/a:novell:opensuse:seamonkey-mail, p-cpe:/a:novell:opensuse:seamonkey-spellchecker, p-cpe:/a:novell:opensuse:seamonkey-venkman, cpe:/o:novell:opensuse:11.0

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/17/2009

Vulnerability Publication Date: 2/4/2009

Reference Information

CVE: CVE-2009-0040, CVE-2009-0352, CVE-2009-0357, CVE-2009-0652, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776, CVE-2009-1169, CVE-2009-1303, CVE-2009-1305

CWE: 16, 94, 200, 264, 399