SeaMonkey < 1.1.18 Multiple Vulnerabilities
High Nessus Plugin ID 40874
SynopsisA web browser on the remote host is affected by multiple vulnerabilities.
DescriptionThe installed version of SeaMonkey is earlier than 1.1.18. Such versions are potentially affected by the following security issues :
- The browser can be fooled into trusting a malicious SSL server certificate with a null character in the host name.
- A heap overflow in the code that handles regular expressions in certificate names can lead to arbitrary code execution. (MFSA 2009-43)
SolutionUpgrade to SeaMonkey 1.1.18 or later.