Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
Critical Nessus Plugin ID 60737
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionCVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA 2010-01)
CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03)
A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-1571)
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-0159)
After installing the update, SeaMonkey must be restarted for the changes to take effect.
SolutionUpdate the affected packages.