openSUSE Security Update : seamonkey (openSUSE-SU-2012:0007-1)

Critical Nessus Plugin ID 75744


The remote openSUSE host is missing a security update.


seamonkey version 2.6 fixes several security issues :

- MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards

- MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library

- MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access

- MFSA 2011-56/CVE-2011-3663: Key detection without JavaScript via SVG animation

- MFSA 2011-58/CVE-2011-3665: Crash scaling <video> to extreme sizes


Update the affected seamonkey packages.

See Also

Plugin Details

Severity: Critical

ID: 75744

File Name: suse_11_3_seamonkey-111221.nasl

Version: $Revision: 1.3 $

Type: local

Agent: unix

Published: 2014/06/13

Modified: 2015/11/16

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:seamonkey, p-cpe:/a:novell:opensuse:seamonkey-dom-inspector, p-cpe:/a:novell:opensuse:seamonkey-irc, p-cpe:/a:novell:opensuse:seamonkey-translations-common, p-cpe:/a:novell:opensuse:seamonkey-translations-other, p-cpe:/a:novell:opensuse:seamonkey-venkman, cpe:/o:novell:opensuse:11.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/12/21

Exploitable With


Metasploit (Firefox nsSVGValue Out-of-Bounds Access Vulnerability)

Reference Information

CVE: CVE-2011-3658, CVE-2011-3660, CVE-2011-3661, CVE-2011-3663, CVE-2011-3665