Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.SEAMONKEY_103.NASL
HistoryJul 27, 2006 - 12:00 a.m.

SeaMonkey < 1.0.3 Multiple Vulnerabilities

2006-07-2700:00:00
This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
www.tenable.com
31
JSON

The installed version of SeaMonkey contains various security issues, some of which could lead to execution of arbitrary code on the affected host subject to the user’s privileges.

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(22097);
  script_version("1.27");
  script_cvs_date("Date: 2018/07/27 18:38:15");

  script_cve_id("CVE-2006-3113", "CVE-2006-3677", "CVE-2006-3801", "CVE-2006-3802",
                "CVE-2006-3803", "CVE-2006-3804", "CVE-2006-3805", "CVE-2006-3806",
                "CVE-2006-3807", "CVE-2006-3808", "CVE-2006-3809", "CVE-2006-3810",
                "CVE-2006-3811", "CVE-2006-3812");
  script_bugtraq_id(19181, 19192, 19197);
  script_xref(name:"CERT", value:"655892");

  script_name(english:"SeaMonkey < 1.0.3 Multiple Vulnerabilities");
  script_summary(english:"Checks version of SeaMonkey");

  script_set_attribute(attribute:"synopsis", value:
"A web browser on the remote host is prone to multiple flaws.");
  script_set_attribute(attribute:"description", value:
"The installed version of SeaMonkey contains various security issues,
some of which could lead to execution of arbitrary code on the affected
host subject to the user's privileges.");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-44/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-45/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-46/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-47/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-48/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-49/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-50/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-51/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-52/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-53/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-54/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-55/");
  script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-56/");
  script_set_attribute(attribute:"solution", value:"Upgrade to SeaMonkey 1.0.3 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Mozilla Suite/Firefox Navigator Object Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2006/07/25");
  script_set_attribute(attribute:"vuln_publication_date", value:"2006/07/25");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");

  script_dependencies("mozilla_org_installed.nasl");
  script_require_keys("SeaMonkey/Version");


  exit(0);
}

include("mozilla_version.inc");
port = get_kb_item("SMB/transport");
if (!port) port = 445;

installs = get_kb_list("SMB/SeaMonkey/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");

mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.0.3', severity:SECURITY_HOLE);
VendorProductVersionCPE
mozillaseamonkeycpe:/a:mozilla:seamonkey

References

Related

nessus 34
openvas 26
freebsd 1
gentoo 3
redhat 5
suse 1
centos 5
ubuntu 4
securityvulns 4
osv 3
debian 6
oraclelinux 2
mozilla 13
checkpoint_advisories 6
debiancve 14
ubuntucve 14
cert 11
cve 16
saint 4
seebug 3
exploitpack 1
packetstorm 1
zdi 1
exploitdb 1
prion 2
nessus
nessus
FreeBSD : mozilla -- multiple vulnerabilities (e2a92664-1d60-11db-88cf-000c6ec775d9)
2006-07-28 00:00:00
openSUSE 10 Security Update : seamonkey (seamonkey-1952)
2007-10-17 00:00:00
SuSE 10 Security Update : Firefox (ZYPP Patch Number 1960)
2007-12-13 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
FreeBSD Ports: firefox
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200608-02 (SeaMonkey)
2008-09-24 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2006-07-25 00:00:00
gentoo
gentoo
Mozilla SeaMonkey: Multiple vulnerabilities
2006-08-03 00:00:00
Mozilla Firefox: Multiple vulnerabilities
2006-08-03 00:00:00
Mozilla Thunderbird: Multiple vulnerabilities
2006-08-03 00:00:00
redhat
redhat
(RHSA-2006:0608) seamonkey security update
2006-07-27 00:00:00
(RHSA-2006:0609) seamonkey security update
2006-08-02 00:00:00
(RHSA-2006:0594) seamonkey security update (was mozilla)
2006-08-28 00:00:00
suse
suse
remote code execution in MozillaFirefox,MozillaThunderbird,Seamonkey
2006-08-16 15:11:18
centos
centos
seamonkey security update
2006-08-04 20:56:41
devhelp, seamonkey security update
2006-08-05 15:16:05
seamonkey security update
2006-09-05 00:01:38
ubuntu
ubuntu
firefox vulnerabilities
2006-07-28 00:00:00
Thunderbird vulnerabilities
2006-07-29 00:00:00
Thunderbird vulnerabilities
2006-09-22 00:00:00
securityvulns
securityvulns
US-CERT Technical Cyber Security Alert TA06-208A -- Mozilla Products Contain Multiple Vulnerabilities
2006-07-28 00:00:00
[Full-disclosure] Secunia Research: Mozilla Firefox XPCOM Event Handling Memory Corruption
2006-07-27 00:00:00
Netscape/K-Meleon/Flock JavaScript navigator Vulnerability
2006-08-02 00:00:00
osv
osv
mozilla-firefox - several vulnerabilities
2006-08-29 00:00:00
mozilla-thunderbird - several
2006-08-28 00:00:00
mozilla - several
2006-08-29 00:00:00
debian
debian
[SECURITY] [DSA 1161-2] New Mozilla Firefox packages fix several vulnerabilities
2006-09-13 11:03:17
[SECURITY] [DSA 1161-1] New Mozilla Firefox packages fix several vulnerabilities
2006-08-29 17:17:51
[SECURITY] [DSA 1159-2] New Mozilla Thunderbird packages fix several problems
2006-09-08 05:50:27
oraclelinux
oraclelinux
Critical firefox security update
2006-12-07 00:00:00
Critical thunderbird security update
2006-12-07 00:00:00
mozilla
mozilla
JavaScript engine vulnerabilities — Mozilla
2006-07-25 00:00:00
Code execution through deleted frame reference — Mozilla
2006-07-25 00:00:00
XSS with XPCNativeWrapper(window).Function(...) — Mozilla
2006-07-25 00:00:00
checkpoint_advisories
checkpoint_advisories
Mozilla Firefox Javascript Deleted Frame Reference Code Execution - Ver2 (CVE-2006-3801)
2014-03-03 00:00:00
Mozilla Firefox Javascript Engine Code Execution - Ver2 (CVE-2006-3806)
2014-12-28 00:00:00
Mozilla Firefox New Function Garbage Collection Code Execution - Ver2 (CVE-2006-3803)
2014-01-07 00:00:00
debiancve
debiancve
CVE-2006-3801
2006-07-27 20:04:00
CVE-2006-3806
2006-07-27 19:04:00
CVE-2006-3808
2006-07-27 20:04:00
ubuntucve
ubuntucve
CVE-2006-3803
2006-07-27 00:00:00
CVE-2006-3808
2006-07-27 00:00:00
CVE-2006-3801
2006-07-27 00:00:00
cert
cert
Mozilla products fail to properly handle frame references
2006-07-27 00:00:00
Mozilla products contain a race condition
2006-07-27 00:00:00
Mozilla products VCard attachment buffer overflow
2006-07-27 00:00:00
cve
cve
CVE-2006-3801
2006-07-27 20:04:00
CVE-2006-3803
2006-07-27 19:04:00
CVE-2006-3808
2006-07-27 20:04:00
saint
saint
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
Mozilla Firefox JavaScript Navigator object vulnerability
2006-08-14 00:00:00
seebug
seebug
Mozilla Firefox Javascript Navigator Object Remote Code Execution Vulnerability
2006-10-24 00:00:00
Mozilla Firefox &lt;= 1.5.0.4 Javascript Navigator Object Code Execution PoC
2006-07-28 00:00:00
Mozilla Firefox <= 1.5.0.4 - Javascript Navigator Object Code Execution PoC
2014-07-01 00:00:00
exploitpack
exploitpack
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
2006-07-28 00:00:00
packetstorm
packetstorm
Mozilla Suite/Firefox Navigator Object Code Execution
2009-10-27 00:00:00
zdi
zdi
Mozilla Firefox Javascript navigator Object Vulnerability
2006-07-26 00:00:00
exploitdb
exploitdb
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
2006-07-28 00:00:00
prion
prion
Design/Logic Flaw
2007-04-02 22:19:00
Design/Logic Flaw
2008-02-12 21:00:00
JSON
Related for SEAMONKEY_103.NASL
nessus34openvas26freebsd1gentoo3redhat5suse1centos5ubuntu4securityvulns4osv3debian6oraclelinux2mozilla13checkpoint_advisories6debiancve14ubuntucve14cert11cve16saint4seebug3exploitpack1packetstorm1zdi1exploitdb1prion2