Executive Summary
Summary | |
---|---|
Title | seamonkey security update (was mozilla) |
Informations | |||
---|---|---|---|
Name | RHSA-2006:0578 | First vendor Publication | 2006-07-20 |
Vendor | RedHat | Last vendor Modification | 2006-07-20 |
Severity (Vendor) | Critical | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated seamonkey packages that fix several security bugs in the mozilla package are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 3 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues: Several flaws were found in the way Mozilla processed certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787) Several denial of service flaws were found in the way Mozilla processed certain web content. A malicious web page could crash firefox or possibly execute arbitrary code. These issues to date were not proven to be exploitable, but do show evidence of memory corruption. (CVE-2006-2779, CVE-2006-2780) A double-free flaw was found in the way Mozilla-mail displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard it could execute arbitrary code as the user running Mozilla-mail. (CVE-2006-2781) A cross site scripting flaw was found in the way Mozilla processed Unicode Byte-order-Mark (BOM) markers in UTF-8 web pages. A malicious web page could execute a script within the browser that a web input sanitizer could miss due to a malformed "script" tag. (CVE-2006-2783) A form file upload flaw was found in the way Mozilla handled javascript input object mutation. A malicious web page could upload an arbitrary local file at form submission time without user interaction. (CVE-2006-2782) A denial of service flaw was found in the way Mozilla called the crypto.signText() javascript function. A malicious web page could crash the browser if the victim had a client certificate loaded. (CVE-2006-2778) Two HTTP response smuggling flaws were found in the way Mozilla processed certain invalid HTTP response headers. A malicious web site could return specially crafted HTTP response headers which may bypass HTTP proxy restrictions. (CVE-2006-2786) A double free flaw was found in the way the nsIX509::getRawDER method was called. If a victim visited a carefully crafted web page it could execute arbitrary code as the user running Mozilla. (CVE-2006-2788) Users of Mozilla are advised to upgrade to this update, which contains SeaMonkey version 1.0.2 that is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 196971 - CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788) 198683 - CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2780, CVE-2006-2781) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2006-0578.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
29 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
29 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
14 % | CWE-264 | Permissions, Privileges, and Access Controls |
14 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
14 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9768 | |||
Oval ID: | oval:org.mitre.oval:def:9768 | ||
Title: | The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site. | ||
Description: | The PLUGINSPAGE functionality in Mozilla Firefox before 1.5.0.4 allows remote user-assisted attackers to execute privileged code by tricking a user into installing missing plugins and selecting the "Manual Install" button, then using nested javascript: URLs. NOTE: the manual install button is used for downloading software from a remote web site, so this issue would not cross privilege boundaries if the user progresses to the point of installing malicious software from the attacker-controlled site. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-2784 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9966 | |||
Oval ID: | oval:org.mitre.oval:def:9966 | ||
Title: | HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. | ||
Description: | HTTP response smuggling vulnerability in Mozilla Firefox and Thunderbird before 1.5.0.4, when used with certain proxy servers, allows remote attackers to cause Firefox to interpret certain responses as if they were responses from two different sites via (1) invalid HTTP response headers with spaces between the header name and the colon, which might not be ignored in some cases, or (2) HTTP 1.1 headers through an HTTP 1.0 proxy, which are ignored by the proxy but processed by the client. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-2786 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for Thunderbird HPSBUX02156 File : nvt/gb_hp_ux_HPSBUX02156.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200606-12 (mozilla-firefox) File : nvt/glsa_200606_12.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200606-21 (mozilla-thunderbird) File : nvt/glsa_200606_21.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200703-05 (mozilla) File : nvt/glsa_200703_05.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1118-1 (mozilla) File : nvt/deb_1118_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1120-1 (mozilla-firefox) File : nvt/deb_1120_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1134-1 (mozilla-thunderbird) File : nvt/deb_1134_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1159-1 (mozilla-thunderbird) File : nvt/deb_1159_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1159-2 (mozilla-thunderbird) File : nvt/deb_1159_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1160-1 (mozilla) File : nvt/deb_1160_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1160-2 (mozilla) File : nvt/deb_1160_2.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1191-1 (mozilla-thunderbird) File : nvt/deb_1191_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1192-1 (mozilla) File : nvt/deb_1192_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1210-1 (mozilla-firefox) File : nvt/deb_1210_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
27668 | Mozilla Multiple Products nsIX509Cert getRawDER Function Double-free DoS |
26314 | Mozilla Multiple Products BOM on UTF-8 Page XSS |
26313 | Mozilla Multiple Products Text Box Arbitrary File Access (Variant) |
26312 | Mozilla Multiple Products VCard Invalid Base64 Character Double-free DoS |
26311 | Mozilla Multiple Products crypto.signText Function Overflow |
26310 | Mozilla Multiple Products Content-defined Setter Object Prototype Remote Priv... |
26309 | Mozilla Multiple Products PLUGINSPAGE Privileged JavaScript Execution |
26308 | Mozilla Multiple Products EvalInSandbox Bypass Privilege Escalation |
26307 | Mozilla Multiple Products iframe Self Removal Memory Corruption |
26306 | Mozilla Multiple Products XBL Implementation Memory Corruption |
26305 | Mozilla Multiple Products BoxObjects Memory Corruption |
26304 | Mozilla Multiple Products Content-implemented Tree View Memory Corruption |
26303 | Mozilla Multiple Products DOMNodeRemoved Mutation Event Memory Corruption |
26302 | Mozilla Multiple Products Select Tag Nested Option Memory Corruption |
26301 | Mozilla Multiple Products jsstr tagify Overflow |
26300 | Mozilla Multiple Products via Proxy Server HTTP Response Smuggling |
26299 | Mozilla Multiple Products View Image/Frame Source Attribute XSS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Mozilla Firefox DOMNodeRemoved attack attempt RuleID : 17389 - Revision : 13 - Type : BROWSER-FIREFOX |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0735.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0733.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : safari_4.0.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote host contains a web browser that is affected by several vulnerabil... File : macosx_Safari4_0.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-361-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-323-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-296-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-297-3.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-297-1.nasl - Type : ACT_GATHER_INFO |
2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-296-2.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaFirefox-1585.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_MozillaThunderbird-1672.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_seamonkey-1671.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing Sun Security Patch number 120671-08 File : solaris8_120671.nasl - Type : ACT_GATHER_INFO |
2007-02-18 | Name : The remote host is missing Sun Security Patch number 120671-08 File : solaris9_120671.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-146.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-143.nasl - Type : ACT_GATHER_INFO |
2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris9_x86_120672.nasl - Type : ACT_GATHER_INFO |
2006-12-06 | Name : The remote host is missing Sun Security Patch number 120672-08 File : solaris8_x86_120672.nasl - Type : ACT_GATHER_INFO |
2006-11-20 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1210.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119115-36 File : solaris10_119115.nasl - Type : ACT_GATHER_INFO |
2006-11-06 | Name : The remote host is missing Sun Security Patch number 119116-35 File : solaris10_x86_119116.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1192.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1191.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1160.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1159.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1134.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1120.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1118.nasl - Type : ACT_GATHER_INFO |
2006-08-30 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0594.nasl - Type : ACT_GATHER_INFO |
2006-08-07 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0609.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO |
2006-08-04 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO |
2006-07-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0611.nasl - Type : ACT_GATHER_INFO |
2006-07-29 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2006-0610.nasl - Type : ACT_GATHER_INFO |
2006-07-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0578.nasl - Type : ACT_GATHER_INFO |
2006-06-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200606-21.nasl - Type : ACT_GATHER_INFO |
2006-06-16 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200606-12.nasl - Type : ACT_GATHER_INFO |
2006-06-03 | Name : A web browser on the remote host is prone to multiple flaws. File : seamonkey_102.nasl - Type : ACT_GATHER_INFO |
2006-06-03 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_1504.nasl - Type : ACT_GATHER_INFO |
2006-06-03 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_1504.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:50:06 |
|