CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.7%
The installed version of SeaMonkey contains various security issues that could cause the application to crash or lead to execution of arbitrary code on the affected host subject to the user’s privileges.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(27536);
script_version("1.15");
script_cve_id("CVE-2007-1095", "CVE-2007-2292", "CVE-2006-2894", "CVE-2007-3511",
"CVE-2007-4841", "CVE-2007-5334", "CVE-2007-5337", "CVE-2007-5338",
"CVE-2007-5339", "CVE-2007-5340");
script_bugtraq_id(18308, 22688, 23668, 24725, 25543, 26132);
script_name(english:"SeaMonkey < 1.1.5 Multiple Vulnerabilities");
script_summary(english:"Checks version of SeaMonkey");
script_set_attribute(attribute:"synopsis", value:
"A web browser on the remote host is prone to multiple flaws." );
script_set_attribute(attribute:"description", value:
"The installed version of SeaMonkey contains various security issues
that could cause the application to crash or lead to execution of
arbitrary code on the affected host subject to the user's privileges." );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-28/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-29/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-30/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-31/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-32/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-33/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-34/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-35/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2007-36/" );
script_set_attribute(attribute:"solution", value:
"Upgrade to SeaMonkey 1.1.5 or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(16, 20, 200);
script_set_attribute(attribute:"plugin_publication_date", value: "2007/10/24");
script_set_attribute(attribute:"vuln_publication_date", value: "2006/06/05");
script_cvs_date("Date: 2018/07/27 18:38:15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("SeaMonkey/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item("SMB/transport");
if (!port) port = 445;
installs = get_kb_list("SMB/SeaMonkey/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");
mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.1.5', severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4841
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340
www.mozilla.org/en-US/security/advisories/mfsa2007-28/
www.mozilla.org/en-US/security/advisories/mfsa2007-29/
www.mozilla.org/en-US/security/advisories/mfsa2007-30/
www.mozilla.org/en-US/security/advisories/mfsa2007-31/
www.mozilla.org/en-US/security/advisories/mfsa2007-32/
www.mozilla.org/en-US/security/advisories/mfsa2007-33/
www.mozilla.org/en-US/security/advisories/mfsa2007-34/
www.mozilla.org/en-US/security/advisories/mfsa2007-35/
www.mozilla.org/en-US/security/advisories/mfsa2007-36/