Lucene search

K
centosCentOS ProjectCESA-2008:0599-01
HistoryJul 18, 2008 - 5:08 a.m.

seamonkey security update

2008-07-1805:08:12
CentOS Project
lists.centos.org
63

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.452

Percentile

97.4%

CentOS Errata and Security Advisory CESA-2008:0599-01

SeaMonkey is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

An integer overflow flaw was found in the way SeaMonkey displayed certain
web content. A malicious web site could cause SeaMonkey to crash or execute
arbitrary code with the permissions of the user running SeaMonkey.
(CVE-2008-2785)

All seamonkey users should upgrade to these updated packages, which contain
a backported patch to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-July/077315.html

Affected packages:
seamonkey
seamonkey-chat
seamonkey-devel
seamonkey-dom-inspector
seamonkey-js-debugger
seamonkey-mail
seamonkey-nspr
seamonkey-nspr-devel
seamonkey-nss
seamonkey-nss-devel

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.452

Percentile

97.4%