Lucene search

K
nessusTenable5479.PRM
HistoryMar 19, 2010 - 12:00 a.m.

SeaMonkey < 1.1.19 Multiple Vulnerabilities

2010-03-1900:00:00
Tenable
www.tenable.com
16

The remote host is running a version of SeaMonkey earlier than 1.1.19. Such versions are potentially affected by multiple vulnerabilities :

  • The columns of a XUL tree element could be manipulated in a particular way which would leave a pointer owned by the column pointing to freed memory. (MFSA 2009-49)

  • A heap-based overflow exists in Mozilla’s string to floating point number conversion routines. (MFSA 2009-59)

  • It is possible to obfuscate the name of files to be downloaded by using a right-to-left override character (RTL). (MFSA 2009-62)

  • Mozilla’s NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application could be forwarded to another arbitrary application. (MFSA 2009-68)

  • Scriptable plugin content, such as Flash objects, can be loaded and executed by embedding the content in an iframe inside the message. (MFSA 2010-06)

  • Multiple memory corruption vulnerabilities which could potentially lead to the execution of arbitrary code. (MFSA 2010-07)

Binary data 5479.prm
VendorProductVersion
mozillaseamonkey

References