Detections
Analytics
SeaMonkey < 1.1.16 XSL Transformation Overflow DoS
high Log Correlation Engine Plugin ID 800872
Synopsis
The remote host is vulnerable to a buffer overflow.Description
The installed version of SeaMonkey is earlier than 1.1.16. An XSL transformation vulnerability in such versions can be leveraged with a specially crafted stylesheet to crash the browser or to execute arbitrary code.Solution
Upgrade to version 1.1.16 or higher.See Also
http://www.mozilla.org/security/announce/2009/mfsa2009-14.html
http://www.mozilla.org/security/announce/2009/mfsa2009-12.html
Plugin Details
Severity: High
ID: 800872
Family: Web Clients
Nessus ID: 36130
Reference Information
CVE: CVE-2009-1169
BID: 34235