9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.712 High
EPSS
Percentile
97.7%
SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.
Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-1200)
A flaw was found in the way browser plug-ins interact. It was possible for
a plug-in to reference the freed memory from a different plug-in, resulting
in the execution of arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-1198)
An integer overflow flaw was found in the processing of malformed web
content. A web page containing malicious content could cause SeaMonkey to
crash or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2010-1199)
A flaw was found in the way SeaMonkey processed mail attachments. A
specially-crafted mail message could cause SeaMonkey to crash.
(CVE-2010-0163)
A flaw was found in the way SeaMonkey handled the βContent-Disposition:
attachmentβ HTTP header when the βContent-Type: multipartβ HTTP header was
also present. A website that allows arbitrary uploads and relies on the
βContent-Disposition: attachmentβ HTTP header to prevent content from being
displayed inline, could be used by an attacker to serve malicious content
to users. (CVE-2010-1197)
All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | x86_64 | seamonkey-devel | <Β 1.0.9-58.el4_8 | seamonkey-devel-1.0.9-58.el4_8.x86_64.rpm |
RedHat | 4 | s390 | seamonkey-mail | <Β 1.0.9-58.el4_8 | seamonkey-mail-1.0.9-58.el4_8.s390.rpm |
RedHat | 4 | i386 | seamonkey-js-debugger | <Β 1.0.9-58.el4_8 | seamonkey-js-debugger-1.0.9-58.el4_8.i386.rpm |
RedHat | 4 | ppc | seamonkey-mail | <Β 1.0.9-58.el4_8 | seamonkey-mail-1.0.9-58.el4_8.ppc.rpm |
RedHat | 4 | i386 | seamonkey-mail | <Β 1.0.9-58.el4_8 | seamonkey-mail-1.0.9-58.el4_8.i386.rpm |
RedHat | 4 | ppc | seamonkey-js-debugger | <Β 1.0.9-58.el4_8 | seamonkey-js-debugger-1.0.9-58.el4_8.ppc.rpm |
RedHat | 4 | ia64 | seamonkey-chat | <Β 1.0.9-58.el4_8 | seamonkey-chat-1.0.9-58.el4_8.ia64.rpm |
RedHat | 4 | ia64 | seamonkey-js-debugger | <Β 1.0.9-58.el4_8 | seamonkey-js-debugger-1.0.9-58.el4_8.ia64.rpm |
RedHat | 4 | ia64 | seamonkey-dom-inspector | <Β 1.0.9-58.el4_8 | seamonkey-dom-inspector-1.0.9-58.el4_8.ia64.rpm |
RedHat | 4 | ppc | seamonkey | <Β 1.0.9-58.el4_8 | seamonkey-1.0.9-58.el4_8.ppc.rpm |