Lucene search
Copyright (C) 2009 SecPodOPENVAS:902003HistoryDec 23, 2009 - 12:00 a.m.
Seamonkey Multiple Vulnerabilities Dec-09 (Windows)
2009-12-2300:00:00
Copyright (C) 2009 SecPod
plugins.openvas.org
17
0.091 Low
EPSS
Percentile
94.0%
The host is installed with Seamonkey and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_seamonkey_mult_vuln_dec09_win.nasl 5122 2017-01-27 12:16:00Z teissa $
#
# Seamonkey Multiple Vulnerabilities Dec-09 (Windows)
#
# Authors:
# Sharath S <[email protected]>
#
# Copyright:
# Copyright (c) 2009 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will allow attacker to conduct spoofing attacks,
bypass certain security restrictions, manipulate certain data, disclose
sensitive information, or compromise a user's system.
Impact Level: Application/System";
tag_affected = "Seamonkey version prior to 2.0.1 on Windows.";
tag_insight = "For more information about vulnerabilities on Seamonkey, refer the links
mentioned in references.";
tag_solution = "Upgrade to Seamonkey version 2.0.1
http://www.seamonkey-project.org/releases/";
tag_summary = "The host is installed with Seamonkey and is prone to multiple
vulnerabilities.";
if(description)
{
script_id(902003);
script_version("$Revision: 5122 $");
script_tag(name:"last_modification", value:"$Date: 2017-01-27 13:16:00 +0100 (Fri, 27 Jan 2017) $");
script_tag(name:"creation_date", value:"2009-12-23 08:41:41 +0100 (Wed, 23 Dec 2009)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2009-3388", "CVE-2009-3389", "CVE-2009-3979", "CVE-2009-3980",
"CVE-2009-3981", "CVE-2009-3982", "CVE-2009-3983", "CVE-2009-3984",
"CVE-2009-3985", "CVE-2009-3986", "CVE-2009-3987");
script_bugtraq_id(37369, 37368, 37361, 37362, 37363, 37364, 37366, 37367, 37370,
37365, 37360);
script_name("Seamonkey Multiple Vulnerabilities Dec-09 (Windows)");
script_xref(name : "URL" , value : "http://secunia.com/advisories/37699");
script_xref(name : "URL" , value : "http://www.vupen.com/english/advisories/2009/3547");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-65.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-66.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-67.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-68.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-69.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-70.html");
script_xref(name : "URL" , value : "http://www.mozilla.org/security/announce/2009/mfsa2009-71.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 SecPod");
script_family("General");
script_dependencies("gb_seamonkey_detect_win.nasl");
script_require_keys("Seamonkey/Win/Ver");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
# Seamonkey Check
smVer = get_kb_item("Seamonkey/Win/Ver");
if(smVer)
{
# Grep for Seamonkey version prior to 2.0.1
if(version_is_less(version:smVer, test_version:"2.0.1")){
security_message(0);
}
}
References
secunia.com/advisories/37699
www.mozilla.org/security/announce/2009/mfsa2009-65.html
www.mozilla.org/security/announce/2009/mfsa2009-66.html
www.mozilla.org/security/announce/2009/mfsa2009-67.html
www.mozilla.org/security/announce/2009/mfsa2009-68.html
www.mozilla.org/security/announce/2009/mfsa2009-69.html
www.mozilla.org/security/announce/2009/mfsa2009-70.html
www.mozilla.org/security/announce/2009/mfsa2009-71.html
www.vupen.com/english/advisories/2009/3547
Related
nessus
nessus
openSUSE Security Update : seamonkey (seamonkey-1738)
2010-01-03 00:00:00
SeaMonkey < 2.0.1 Multiple Vulnerabilities
2009-12-16 00:00:00
Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1673)
2013-07-12 00:00:00
securityvulns
securityvulns
Mozilla Firefox multiple security vulnerabilities
2009-12-17 00:00:00
Mozilla Foundation Security Advisory 2009-65
2009-12-17 00:00:00
Mozilla Foundation Security Advisory 2009-69
2009-12-17 00:00:00
openvas
openvas
Seamonkey Multiple Vulnerabilities (Dec 2009) - Linux
2009-12-23 00:00:00
Firefox Multiple Vulnerabilities Dec-09 (Windows)
2009-12-23 00:00:00
Seamonkey Multiple Vulnerabilities Dec-09 (Linux)
2009-12-23 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: gnome-python2-extras-2.25.3-10.fc11
2009-12-18 04:32:41
[SECURITY] Fedora 11 Update: xulrunner-1.9.1.6-1.fc11
2009-12-18 04:32:41
[SECURITY] Fedora 11 Update: firefox-3.5.6-1.fc11
2009-12-18 04:32:41
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-12-16 00:00:00
ubuntu
ubuntu
Firefox 3.5 and Xulrunner 1.9.1 regression
2010-01-08 00:00:00
Firefox 3.5 and Xulrunner 1.9.1 vulnerabilities
2009-12-18 00:00:00
Firefox 3.0 and Xulrunner 1.9 regression
2010-01-08 00:00:00
suse
suse
remote code execution in MozillaFirefox
2009-12-22 15:19:49
oraclelinux
oraclelinux
firefox security update
2009-12-16 00:00:00
seamonkey security update
2009-12-16 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-12-16 00:00:00
debian
debian
[SECURITY] [DSA 1956-1] New xulrunner packages fix several vulnerabilities
2009-12-16 21:15:39
centos
centos
firefox, xulrunner security update
2009-12-18 02:04:10
seamonkey security update
2009-12-18 19:04:27
redhat
redhat
(RHSA-2009:1674) Critical: firefox security update
2009-12-16 00:00:00
(RHSA-2009:1673) Critical: seamonkey security update
2009-12-15 00:00:00
mozilla
mozilla
Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16) — Mozilla
2009-12-15 00:00:00
Location bar spoofing vulnerabilities — Mozilla
2009-12-15 00:00:00
prion
prion
Design/Logic Flaw
2009-12-17 17:30:00
Design/Logic Flaw
2009-12-17 17:30:00
Memory corruption
2009-12-17 17:30:00
seebug
seebug
Firefox GeckoActiveXObject异常消息COM对象枚举漏洞
2009-12-20 00:00:00
Mozilla Firefox Location Bar Spoofing Vulnerability
2009-12-18 00:00:00
Firefox内容注入网页欺骗漏洞
2009-12-18 00:00:00
ubuntucve
ubuntucve
cve
cve
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:40:51
Spoofed Content Association
2020-04-10 00:41:43
Arbitrary Code Execution
2020-04-10 00:41:40
exploitpack
exploitpack
Mozilla Firefox - Location Bar Spoofing
2009-12-18 00:00:00
packetstorm
packetstorm
Mozilla Firefox Location Bar Spoof
2009-12-18 00:00:00
debiancve
debiancve
CVE-2009-3388
2009-12-17 17:30:00
gentoo
gentoo
libtheora: Arbitrary code execution
2013-12-03 00:00:00