Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title seamonkey security update
Informations
Name RHSA-2008:0547 First vendor Publication 2008-07-02
Vendor RedHat Last vendor Modification 2008-07-02
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated seamonkey packages that fix a security issues are now available for Red Hat Enterprise Linux 2.1, Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

Multiple flaws were found in the processing of malformed JavaScript content. A web page containing such malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2008-2798, CVE-2008-2799, CVE-2008-2811)

Several flaws were found in the way malformed web content was displayed. A web page containing specially-crafted content could potentially trick a SeaMonkey user into surrendering sensitive information. (CVE-2008-2800)

Two local file disclosure flaws were found in SeaMonkey. A web page containing malicious content could cause SeaMonkey to reveal the contents of a local file to a remote attacker. (CVE-2008-2805, CVE-2008-2810)

A flaw was found in the way a malformed .properties file was processed by SeaMonkey. A malicious extension could read uninitialized memory, possibly leaking sensitive data to the extension. (CVE-2008-2807)

A flaw was found in the way SeaMonkey escaped a listing of local file names. If a user could be tricked into listing a local directory containing malicious file names, arbitrary JavaScript could be run with the permissions of the user running SeaMonkey. (CVE-2008-2808)

A flaw was found in the way SeaMonkey displayed information about self-signed certificates. It was possible for a self-signed certificate to contain multiple alternate name entries, which were not all displayed to the user, allowing them to mistakenly extend trust to an unknown site. (CVE-2008-2809)

All SeaMonkey users should upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

452597 - CVE-2008-2798 Firefox malformed web content flaws 452598 - CVE-2008-2799 Firefox javascript arbitrary code execution 452599 - CVE-2008-2800 Firefox XSS attacks 452600 - CVE-2008-2802 Firefox arbitrary JavaScript code execution 452602 - CVE-2008-2803 Firefox javascript arbitrary code execution 452604 - CVE-2008-2805 Firefox arbitrary file disclosure 452605 - CVE-2008-2801 Firefox arbitrary signed JAR code execution 452709 - CVE-2008-2807 Firefox .properties memory leak 452710 - CVE-2008-2808 Firefox file location escaping flaw 452711 - CVE-2008-2809 Firefox self signed certificate flaw 452712 - CVE-2008-2810 Firefox arbitrary file disclosure 453007 - CVE-2008-2811 Firefox block reflow flaw

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2008-0547.html

CWE : Common Weakness Enumeration

% Id Name
25 % CWE-399 Resource Management Errors
25 % CWE-264 Permissions, Privileges, and Access Controls
17 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)
17 % CWE-20 Improper Input Validation
8 % CWE-287 Improper Authentication
8 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10087
 
Oval ID: oval:org.mitre.oval:def:10087
Title: Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
Description: Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2798
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10143
 
Oval ID: oval:org.mitre.oval:def:10143
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2805
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10205
 
Oval ID: oval:org.mitre.oval:def:10205
Title: Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
Description: Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2809
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10743
 
Oval ID: oval:org.mitre.oval:def:10743
Title: Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
Description: Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2799
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10747
 
Oval ID: oval:org.mitre.oval:def:10747
Title: The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.
Description: The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non-canonical chrome: URIs, which allows remote attackers to execute arbitrary code via vectors involving third-party add-ons.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2803
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11121
 
Oval ID: oval:org.mitre.oval:def:11121
Title: Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."
Description: Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to this file's "privilege level."
Family: unix Class: vulnerability
Reference(s): CVE-2008-2802
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11810
 
Oval ID: oval:org.mitre.oval:def:11810
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that uses relative URLs to JavaScript files.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2801
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17505
 
Oval ID: oval:org.mitre.oval:def:17505
Title: USN-619-1 -- firefox vulnerabilities
Description: Various flaws were discovered in the browser engine.
Family: unix Class: patch
Reference(s): USN-619-1
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2806
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
Version: 7
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Product(s): firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18570
 
Oval ID: oval:org.mitre.oval:def:18570
Title: DSA-1621-1 icedove - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
Family: unix Class: patch
Reference(s): DSA-1621-1
CVE-2008-0304
CVE-2008-2785
CVE-2008-2798
CVE-2008-2799
CVE-2008-2802
CVE-2008-2803
CVE-2008-2807
CVE-2008-2809
CVE-2008-2811
Version: 7
Platform(s): Debian GNU/Linux 4.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20284
 
Oval ID: oval:org.mitre.oval:def:20284
Title: DSA-1607-1 iceweasel - several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
Family: unix Class: patch
Reference(s): DSA-1607-1
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2811
Version: 5
Platform(s): Debian GNU/Linux 4.0
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22266
 
Oval ID: oval:org.mitre.oval:def:22266
Title: ELSA-2008:0616: thunderbird security update (Moderate)
Description: The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
Family: unix Class: patch
Reference(s): ELSA-2008:0616-01
CVE-2008-2785
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
Version: 57
Platform(s): Oracle Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22654
 
Oval ID: oval:org.mitre.oval:def:22654
Title: ELSA-2008:0569: firefox security update (Critical)
Description: The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
Family: unix Class: patch
Reference(s): ELSA-2008:0569-01
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
Version: 53
Platform(s): Oracle Linux 5
Product(s): devhelp
firefox
xulrunner
yelp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28716
 
Oval ID: oval:org.mitre.oval:def:28716
Title: RHSA-2008:0616 -- thunderbird security update (Moderate)
Description: Updated thunderbird packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed JavaScript content. An HTML mail containing such malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)
Family: unix Class: patch
Reference(s): RHSA-2008:0616
CESA-2008:0616-CentOS 5
CVE-2008-2785
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
Version: 3
Platform(s): Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): thunderbird
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29028
 
Oval ID: oval:org.mitre.oval:def:29028
Title: RHSA-2008:0569 -- firefox security update (Critical)
Description: Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Multiple flaws were found in the processing of malformed JavaScript content. A web page containing such malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2008-2801, CVE-2008-2802, CVE-2008-2803)
Family: unix Class: patch
Reference(s): RHSA-2008:0569
CESA-2008:0569-CentOS 5
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2810
CVE-2008-2811
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): devhelp
firefox
xulrunner
yelp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7564
 
Oval ID: oval:org.mitre.oval:def:7564
Title: DSA-1621 icedove -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that a buffer overflow in MIME decoding can lead to the execution of arbitrary code. It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. "moz_bug_r_a4" discovered that XUL documents can escalate privileges by accessing the pre-compiled "fastload" file. "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceweasel itself is not affected, but some addons are. Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings secure connections. Greg McManus discovered discovered a crash in the block reflow code, which might allow the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 1.5.0.13+1.5.0.15b.dfsg1+prepatch080614d-0etch1. Packages for s390 are not yet available and will be provided later. For the unstable distribution (sid), these problems have been fixed in version 2.0.0.16-1. We recommend that you upgrade your icedove package.
Family: unix Class: patch
Reference(s): DSA-1621
CVE-2008-0304
CVE-2008-2785
CVE-2008-2798
CVE-2008-2799
CVE-2008-2802
CVE-2008-2803
CVE-2008-2807
CVE-2008-2809
CVE-2008-2811
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): icedove
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8196
 
Oval ID: oval:org.mitre.oval:def:8196
Title: DSA-1607 iceweasel -- several vulnerabilities
Description: Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems: Devon Hubbard, Jesse Ruderman and Martijn Wargers discovered crashes in the layout engine, which might allow the execution of arbitrary code. Igor Bukanov, Jesse Ruderman and Gary Kwong discovered crashes in the Javascript engine, which might allow the execution of arbitrary code. "moz_bug_r_a4" discovered several cross-site scripting vulnerabilities. Collin Jackson and Adam Barth discovered that Javascript code could be executed in the context of signed JAR archives. "moz_bug_r_a4" discovered that XUL documents can escalate privileges by accessing the pre-compiled "fastload" file. "moz_bug_r_a4" discovered that missing input sanitising in the mozIJSSubScriptLoader.loadSubScript() function could lead to the execution of arbitrary code. Iceweasel itself is not affected, but some addons are. Claudio Santambrogio discovered that missing access validation in DOM parsing allows malicious web sites to force the browser to upload local files to the server, which could lead to information disclosure. Daniel Glazman discovered that a programming error in the code for parsing .properties files could lead to memory content being exposed to addons, which could lead to information disclosure. Masahiro Yamada discovered that file URLS in directory listings were insufficiently escaped. John G. Myers, Frank Benkstein and Nils Toedtmann discovered that alternate names on self-signed certificates were handled insufficiently, which could lead to spoofings secure connections. Greg McManus discovered a crash in the block reflow code, which might allow the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1607
CVE-2008-2798
CVE-2008-2799
CVE-2008-2800
CVE-2008-2801
CVE-2008-2802
CVE-2008-2803
CVE-2008-2805
CVE-2008-2807
CVE-2008-2808
CVE-2008-2809
CVE-2008-2811
Version: 3
Platform(s): Debian GNU/Linux 4.0
Product(s): iceweasel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9386
 
Oval ID: oval:org.mitre.oval:def:9386
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT element in an unloaded document, or (3) the onreadystatechange handler in conjunction with an XMLHttpRequest.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2800
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9432
 
Oval ID: oval:org.mitre.oval:def:9432
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 encoding in a French .properties file.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2807
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9593
 
Oval ID: oval:org.mitre.oval:def:9593
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has previously saved a shortcut.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2810
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9668
 
Oval ID: oval:org.mitre.oval:def:9668
Title: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
Description: Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted filename.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2808
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9865
 
Oval ID: oval:org.mitre.oval:def:9865
Title: The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
Description: The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
Family: unix Class: vulnerability
Reference(s): CVE-2008-2811
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 119
Application 31
Application 79
Application 1

OpenVAS Exploits

Date Description
2009-10-13 Name : SLES10: Security update for MozillaFirefox
File : nvt/sles10_MozillaFirefox5.nasl
2009-04-09 Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155-1 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDVSA_2008_155_1.nasl
2009-04-09 Name : Mandriva Update for mozilla-thunderbird MDVSA-2008:155 (mozilla-thunderbird)
File : nvt/gb_mandriva_MDVSA_2008_155.nasl
2009-04-09 Name : Mandriva Update for mozilla-firefox MDVSA-2008:136 (mozilla-firefox)
File : nvt/gb_mandriva_MDVSA_2008_136.nasl
2009-03-23 Name : Ubuntu Update for mozilla-thunderbird, thunderbird vulnerabilities USN-629-1
File : nvt/gb_ubuntu_USN_629_1.nasl
2009-03-23 Name : Ubuntu Update for firefox vulnerabilities USN-619-1
File : nvt/gb_ubuntu_USN_619_1.nasl
2009-03-06 Name : RedHat Update for thunderbird RHSA-2008:0616-01
File : nvt/gb_RHSA-2008_0616-01_thunderbird.nasl
2009-03-06 Name : RedHat Update for firefox RHSA-2008:0569-01
File : nvt/gb_RHSA-2008_0569-01_firefox.nasl
2009-03-06 Name : RedHat Update for firefox RHSA-2008:0549-01
File : nvt/gb_RHSA-2008_0549-01_firefox.nasl
2009-03-06 Name : RedHat Update for seamonkey RHSA-2008:0547-01
File : nvt/gb_RHSA-2008_0547-01_seamonkey.nasl
2009-02-27 Name : CentOS Update for firefox CESA-2008:0549 centos4 x86_64
File : nvt/gb_CESA-2008_0549_firefox_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for firefox CESA-2008:0549 centos4 i386
File : nvt/gb_CESA-2008_0549_firefox_centos4_i386.nasl
2009-02-27 Name : CentOS Update for firefox CESA-2008:0549 centos3 i386
File : nvt/gb_CESA-2008_0549_firefox_centos3_i386.nasl
2009-02-27 Name : CentOS Update for firefox CESA-2008:0549 centos3 x86_64
File : nvt/gb_CESA-2008_0549_firefox_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for seamonkey CESA-2008:0547 centos4 x86_64
File : nvt/gb_CESA-2008_0547_seamonkey_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for seamonkey CESA-2008:0547 centos4 i386
File : nvt/gb_CESA-2008_0547_seamonkey_centos4_i386.nasl
2009-02-27 Name : CentOS Update for seamonkey CESA-2008:0547 centos3 x86_64
File : nvt/gb_CESA-2008_0547_seamonkey_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for seamonkey CESA-2008:0547 centos3 i386
File : nvt/gb_CESA-2008_0547_seamonkey_centos3_i386.nasl
2009-02-27 Name : CentOS Update for seamonkey CESA-2008:0547-01 centos2 i386
File : nvt/gb_CESA-2008_0547-01_seamonkey_centos2_i386.nasl
2009-02-17 Name : Fedora Update for kazehakase FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_kazehakase_fc8.nasl
2009-02-17 Name : Fedora Update for liferea FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_liferea_fc8.nasl
2009-02-17 Name : Fedora Update for openvrml FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_openvrml_fc8.nasl
2009-02-17 Name : Fedora Update for ruby-gnome2 FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_ruby-gnome2_fc8.nasl
2009-02-17 Name : Fedora Update for yelp FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_yelp_fc8.nasl
2009-02-17 Name : Fedora Update for seamonkey FEDORA-2008-6193
File : nvt/gb_fedora_2008_6193_seamonkey_fc9.nasl
2009-02-17 Name : Fedora Update for seamonkey FEDORA-2008-6196
File : nvt/gb_fedora_2008_6196_seamonkey_fc8.nasl
2009-02-17 Name : Fedora Update for thunderbird FEDORA-2008-6706
File : nvt/gb_fedora_2008_6706_thunderbird_fc8.nasl
2009-02-17 Name : Fedora Update for thunderbird FEDORA-2008-6737
File : nvt/gb_fedora_2008_6737_thunderbird_fc9.nasl
2009-02-17 Name : Fedora Update for galeon FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_galeon_fc8.nasl
2009-02-17 Name : Fedora Update for gnome-web-photo FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_gnome-web-photo_fc8.nasl
2009-02-17 Name : Fedora Update for Miro FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_Miro_fc8.nasl
2009-02-17 Name : Fedora Update for blam FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_blam_fc8.nasl
2009-02-17 Name : Fedora Update for chmsee FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_chmsee_fc8.nasl
2009-02-17 Name : Fedora Update for devhelp FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_devhelp_fc8.nasl
2009-02-17 Name : Fedora Update for epiphany-extensions FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_epiphany-extensions_fc8.nasl
2009-02-17 Name : Fedora Update for firefox FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_firefox_fc8.nasl
2009-02-17 Name : Fedora Update for gnome-python2-extras FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_gnome-python2-extras_fc8.nasl
2009-02-17 Name : Fedora Update for gtkmozembedmm FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_gtkmozembedmm_fc8.nasl
2009-02-17 Name : Fedora Update for epiphany FEDORA-2008-6127
File : nvt/gb_fedora_2008_6127_epiphany_fc8.nasl
2009-01-23 Name : SuSE Update for MozillaFirefox SUSE-SA:2008:034
File : nvt/gb_suse_2008_034.nasl
2009-01-13 Name : Debian Security Advisory DSA 1697-1 (iceape)
File : nvt/deb_1697_1.nasl
2008-10-07 Name : Mozilla Seamonkey Multiple Vulnerability July-08 (Linux)
File : nvt/gb_seamonkey_mult_vuln_july08_lin.nasl
2008-10-07 Name : Mozilla Thunderbird Multiple Vulnerability July-08 (Linux)
File : nvt/gb_thunderbird_mult_vuln_july08_lin.nasl
2008-10-07 Name : Mozilla Firefox Multiple Vulnerability July-08 (Linux)
File : nvt/gb_firefox_mult_vuln_july08_lin.nasl
2008-10-06 Name : Mozilla Seamonkey Multiple Vulnerability July-08 (Win)
File : nvt/gb_seamonkey_mult_vuln_july08_win.nasl
2008-10-06 Name : Mozilla Firefox Multiple Vulnerability July-08 (Win)
File : nvt/gb_firefox_mult_vuln_july08_win.nasl
2008-10-06 Name : Mozilla Thunderbird Multiple Vulnerability July-08 (Win)
File : nvt/gb_thunderbird_mult_vuln_july08_win.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200808-03 (mozilla ...)
File : nvt/glsa_200808_03.nasl
2008-08-15 Name : Debian Security Advisory DSA 1621-1 (icedove)
File : nvt/deb_1621_1.nasl
2008-08-15 Name : Debian Security Advisory DSA 1615-1 (xulrunner)
File : nvt/deb_1615_1.nasl
2008-07-15 Name : Debian Security Advisory DSA 1607-1 (iceweasel)
File : nvt/deb_1607_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2008-191-03 seamonkey
File : nvt/esoft_slk_ssa_2008_191_03.nasl
0000-00-00 Name : Slackware Advisory SSA:2008-210-05 mozilla-thunderbird
File : nvt/esoft_slk_ssa_2008_210_05.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
46688 Mozilla Multiple Browser XMLHttpRequest / onreadystatechange Handler XSS

46687 Mozilla Multiple Browser Unloaded Document script Element XSS

46686 Mozilla Multiple Browser nsXMLHttpRequest::OnChannelRedirect() Function Same-...

46685 Mozilla Multiple Browser Outer Window Event Handler XUL Element XSS

46684 Mozilla Multiple Browser Signed JAR JavaScript Injection

46683 Mozilla Multiple Product Non-priviliged XUL Documents chrome: Privilege Escal...

46682 Mozilla Multiple Product mozIJSSubScriptLoader.LoadScript() Arbitrary Code Ex...

46681 Mozilla Multiple Browser originalTarget / DOM Range Arbitrary File Upload

46679 Mozilla Multiple Browser Add-on .properties File Arbitrary Memory Disclosure

46678 Mozilla Multiple Browser Directory Listing File Name XSS

46677 Mozilla Multiple Product Peer-trusted Certificate Alternate Name Spoofing

46676 Mozilla Multiple Browser Windows URL Shortcut Handling Cross-context Execution

46675 Mozilla Multiple Product Engine Block Reflow Code Arbitrary Code Execution

46674 Mozilla Multiple Product JavaScript Engine Multiple Unspecified Memory Corrup...

46673 Mozilla Multiple Product Layout Engine Multiple Unspecified Memory Corruption

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0547.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2008-0549.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2008-0569.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2008-0616.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080702_firefox_on_SL_5_2.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20080702_firefox_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080702_seamonkey_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20080723_thunderbird_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2008-0616.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0569.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_seamonkey-080912.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-136.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-155.nasl - Type : ACT_GATHER_INFO
2009-01-08 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1697.nasl - Type : ACT_GATHER_INFO
2008-09-14 Name : The remote openSUSE host is missing a security update.
File : suse_seamonkey-5600.nasl - Type : ACT_GATHER_INFO
2008-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2008-6706.nasl - Type : ACT_GATHER_INFO
2008-08-08 Name : The remote Fedora host is missing a security update.
File : fedora_2008-6737.nasl - Type : ACT_GATHER_INFO
2008-08-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200808-03.nasl - Type : ACT_GATHER_INFO
2008-07-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-210-05.nasl - Type : ACT_GATHER_INFO
2008-07-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1621.nasl - Type : ACT_GATHER_INFO
2008-07-25 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-629-1.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2008-0616.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Windows host contains a mail client that is affected by multiple v...
File : mozilla_thunderbird_20016.nasl - Type : ACT_GATHER_INFO
2008-07-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1615.nasl - Type : ACT_GATHER_INFO
2008-07-15 Name : The remote openSUSE host is missing a security update.
File : suse_MozillaFirefox-5411.nasl - Type : ACT_GATHER_INFO
2008-07-15 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_MozillaFirefox-5405.nasl - Type : ACT_GATHER_INFO
2008-07-15 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1607.nasl - Type : ACT_GATHER_INFO
2008-07-10 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2008-191-03.nasl - Type : ACT_GATHER_INFO
2008-07-10 Name : The remote Fedora host is missing a security update.
File : fedora_2008-6196.nasl - Type : ACT_GATHER_INFO
2008-07-10 Name : The remote Fedora host is missing a security update.
File : fedora_2008-6193.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2008-6127.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-619-1.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2008-0547.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2008-0549.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0569.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2008-0549.nasl - Type : ACT_GATHER_INFO
2008-07-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0547.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : A web browser on the remote host is affected by multiple vulnerabilities.
File : seamonkey_1110.nasl - Type : ACT_GATHER_INFO
2008-07-02 Name : The remote Windows host contains a web browser that is affected by multiple v...
File : mozilla_firefox_20015.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:51:46
  • Multiple Updates