RedHat Update for seamonkey RHSA-2010:0557-01. Contains a fix for an invalid free flaw in SeaMonkey's plugin handler, which could lead to a crash or potential execution of arbitrary code
Reporter | Title | Published | Views | Family All 74 |
---|---|---|---|---|
![]() | [SECURITY] Fedora 13 Update: xulrunner-1.9.2.7-2.fc13 | 27 Jul 201002:49 | โ | fedora |
![]() | [SECURITY] Fedora 12 Update: xulrunner-1.9.1.11-2.fc12 | 27 Jul 201002:45 | โ | fedora |
![]() | Fedora Update for xulrunner FEDORA-2010-11452 | 30 Jul 201000:00 | โ | openvas |
![]() | Fedora Update for xulrunner FEDORA-2010-11472 | 30 Jul 201000:00 | โ | openvas |
![]() | RedHat Update for firefox RHSA-2010:0556-01 | 26 Jul 201000:00 | โ | openvas |
![]() | Fedora Update for xulrunner FEDORA-2010-11472 | 30 Jul 201000:00 | โ | openvas |
![]() | CentOS Update for seamonkey CESA-2010:0557 centos3 i386 | 20 Aug 201000:00 | โ | openvas |
![]() | RedHat Update for firefox RHSA-2010:0558-01 | 26 Jul 201000:00 | โ | openvas |
![]() | Oracle: Security Advisory (ELSA-2010-0556) | 6 Oct 201500:00 | โ | openvas |
![]() | Fedora Update for xulrunner FEDORA-2010-11452 | 30 Jul 201000:00 | โ | openvas |
Source | Link |
---|---|
redhat | www.redhat.com/archives/rhsa-announce/2010-July/msg00017.html |
###############################################################################
# OpenVAS Vulnerability Test
#
# RedHat Update for seamonkey RHSA-2010:0557-01
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.
An invalid free flaw was found in SeaMonkey's plugin handler. Malicious web
content could result in an invalid memory pointer being freed, causing
SeaMonkey to crash or, potentially, execute arbitrary code with the
privileges of the user running SeaMonkey. (CVE-2010-2755)
All SeaMonkey users should upgrade to these updated packages, which correct
this issue. After installing the update, SeaMonkey must be restarted for
the changes to take effect.";
tag_affected = "seamonkey on Red Hat Enterprise Linux AS version 3,
Red Hat Enterprise Linux AS version 4,
Red Hat Enterprise Linux ES version 3,
Red Hat Enterprise Linux ES version 4,
Red Hat Enterprise Linux WS version 3,
Red Hat Enterprise Linux WS version 4";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "https://www.redhat.com/archives/rhsa-announce/2010-July/msg00017.html");
script_oid("1.3.6.1.4.1.25623.1.0.870296");
script_version("$Revision: 8469 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-19 08:58:21 +0100 (Fri, 19 Jan 2018) $");
script_tag(name:"creation_date", value:"2010-07-26 16:14:51 +0200 (Mon, 26 Jul 2010)");
script_xref(name: "RHSA", value: "2010:0557-01");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2010-2755");
script_name("RedHat Update for seamonkey RHSA-2010:0557-01");
script_tag(name: "summary" , value: "Check for the Version of seamonkey");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("Red Hat Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/rhel", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "RHENT_4")
{
if ((res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~61.el4", rls:"RHENT_4")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "RHENT_3")
{
if ((res = isrpmvuln(pkg:"seamonkey", rpm:"seamonkey~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-chat", rpm:"seamonkey-chat~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-debuginfo", rpm:"seamonkey-debuginfo~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-devel", rpm:"seamonkey-devel~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-dom-inspector", rpm:"seamonkey-dom-inspector~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-js-debugger", rpm:"seamonkey-js-debugger~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-mail", rpm:"seamonkey-mail~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-nspr", rpm:"seamonkey-nspr~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-nspr-devel", rpm:"seamonkey-nspr-devel~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-nss", rpm:"seamonkey-nss~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"seamonkey-nss-devel", rpm:"seamonkey-nss-devel~1.0.9~0.58.el3", rls:"RHENT_3")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo