Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64
High Nessus Plugin ID 60917
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSeveral flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)
A flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.
Malicious web content could load a Java LiveConnect script in a way that would result in the plug-in object having elevated privileges, allowing it to execute Java code with the privileges of the user running SeaMonkey. (CVE-2010-3775)
After installing the update, SeaMonkey must be restarted for the changes to take effect.
SolutionUpdate the affected packages.