(RHSA-2010:0680) Critical: seamonkey security update

2010-09-0700:00:00

access.redhat.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.429 Medium

EPSS

Percentile

97.0%

JSON

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-3169)

A buffer overflow flaw was found in SeaMonkey. A web page containing
malicious content could cause SeaMonkey to crash or, potentially, execute
arbitrary code with the privileges of the user running SeaMonkey.
(CVE-2010-2765)

A use-after-free flaw and several dangling pointer flaws were found in
SeaMonkey. A web page containing malicious content could cause SeaMonkey to
crash or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2010-2760, CVE-2010-2767, CVE-2010-3167,
CVE-2010-3168)

A cross-site scripting (XSS) flaw was found in SeaMonkey. A web page
containing malicious content could cause SeaMonkey to run JavaScript code
with the permissions of a different website. (CVE-2010-2768)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat4i386seamonkey-js-debugger< 1.0.9-63.el4seamonkey-js-debugger-1.0.9-63.el4.i386.rpm
RedHat4x86_64seamonkey-mail< 1.0.9-63.el4seamonkey-mail-1.0.9-63.el4.x86_64.rpm
RedHat4ia64seamonkey-mail< 1.0.9-63.el4seamonkey-mail-1.0.9-63.el4.ia64.rpm
RedHat4s390xseamonkey-js-debugger< 1.0.9-63.el4seamonkey-js-debugger-1.0.9-63.el4.s390x.rpm
RedHat4s390seamonkey-mail< 1.0.9-63.el4seamonkey-mail-1.0.9-63.el4.s390.rpm
RedHat4srcseamonkey< 1.0.9-63.el4seamonkey-1.0.9-63.el4.src.rpm
RedHat4s390xseamonkey-mail< 1.0.9-63.el4seamonkey-mail-1.0.9-63.el4.s390x.rpm
RedHat4i386seamonkey-mail< 1.0.9-63.el4seamonkey-mail-1.0.9-63.el4.i386.rpm
RedHat4i386seamonkey-chat< 1.0.9-63.el4seamonkey-chat-1.0.9-63.el4.i386.rpm
RedHat4ppcseamonkey-chat< 1.0.9-63.el4seamonkey-chat-1.0.9-63.el4.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	4	i386	seamonkey-js-debugger	< 1.0.9-63.el4	seamonkey-js-debugger-1.0.9-63.el4.i386.rpm
RedHat	4	x86_64	seamonkey-mail	< 1.0.9-63.el4	seamonkey-mail-1.0.9-63.el4.x86_64.rpm
RedHat	4	ia64	seamonkey-mail	< 1.0.9-63.el4	seamonkey-mail-1.0.9-63.el4.ia64.rpm
RedHat	4	s390x	seamonkey-js-debugger	< 1.0.9-63.el4	seamonkey-js-debugger-1.0.9-63.el4.s390x.rpm
RedHat	4	s390	seamonkey-mail	< 1.0.9-63.el4	seamonkey-mail-1.0.9-63.el4.s390.rpm
RedHat	4	src	seamonkey	< 1.0.9-63.el4	seamonkey-1.0.9-63.el4.src.rpm
RedHat	4	s390x	seamonkey-mail	< 1.0.9-63.el4	seamonkey-mail-1.0.9-63.el4.s390x.rpm
RedHat	4	i386	seamonkey-mail	< 1.0.9-63.el4	seamonkey-mail-1.0.9-63.el4.i386.rpm
RedHat	4	i386	seamonkey-chat	< 1.0.9-63.el4	seamonkey-chat-1.0.9-63.el4.i386.rpm
RedHat	4	ppc	seamonkey-chat	< 1.0.9-63.el4	seamonkey-chat-1.0.9-63.el4.ppc.rpm