Detections
Analytics
openSUSE Security Update : seamonkey (openSUSE-SU-2012:0935-1)
critical Nessus Plugin ID 74698
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
SeaMonkey was updated to version 2.11 (bnc#771583)- MFSA 2012-42/CVE-2012-1949/CVE-2012-1948 Miscellaneous memory safety hazards
- MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-20 12-1952 Gecko memory corruption
- MFSA 2012-45/CVE-2012-1955 (bmo#757376) Spoofing issue with location
- MFSA 2012-47/CVE-2012-1957 (bmo#750096) Improper filtering of JavaScript in HTML feed-view
- MFSA 2012-48/CVE-2012-1958 (bmo#750820) use-after-free in nsGlobalWindow::PageHidden
- MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559) Same-compartment Security Wrappers can be bypassed
- MFSA 2012-50/CVE-2012-1960 (bmo#761014) Out of bounds read in QCMS
- MFSA 2012-51/CVE-2012-1961 (bmo#761655) X-Frame-Options header ignored when duplicated
- MFSA 2012-52/CVE-2012-1962 (bmo#764296) JSDependentString::undepend string conversion results in memory corruption
- MFSA 2012-53/CVE-2012-1963 (bmo#767778) Content Security Policy 1.0 implementation errors cause data leakage
- MFSA 2012-56/CVE-2012-1967 (bmo#758344) Code execution through javascript: URLs
- relicensed to MPL-2.0
- updated/removed patches
- requires NSS 3.13.5
- update to SeaMonkey 2.10.1
Solution
Update the affected seamonkey packages.See Also
https://bugzilla.mozilla.org/show_bug.cgi?id=737559
https://bugzilla.mozilla.org/show_bug.cgi?id=750096
https://bugzilla.mozilla.org/show_bug.cgi?id=750820
https://bugzilla.mozilla.org/show_bug.cgi?id=754044
https://bugzilla.mozilla.org/show_bug.cgi?id=757376
https://bugzilla.mozilla.org/show_bug.cgi?id=758344
https://bugzilla.mozilla.org/show_bug.cgi?id=761014
https://bugzilla.mozilla.org/show_bug.cgi?id=761655
https://bugzilla.mozilla.org/show_bug.cgi?id=764296
https://bugzilla.mozilla.org/show_bug.cgi?id=767778
https://bugzilla.novell.com/show_bug.cgi?id=771583
https://lists.opensuse.org/opensuse-updates/2012-08/msg00005.html
Plugin Details
Severity: Critical
ID: 74698
File Name: openSUSE-2012-473.nasl
Version: 1.6
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 6/13/2014
Updated: 1/19/2021
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:seamonkey-debuginfo, p-cpe:/a:novell:opensuse:seamonkey-translations-other, p-cpe:/a:novell:opensuse:seamonkey-dom-inspector, p-cpe:/a:novell:opensuse:seamonkey, p-cpe:/a:novell:opensuse:seamonkey-translations-common, p-cpe:/a:novell:opensuse:seamonkey-venkman, p-cpe:/a:novell:opensuse:seamonkey-debugsource, cpe:/o:novell:opensuse:12.1, p-cpe:/a:novell:opensuse:seamonkey-irc
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Patch Publication Date: 7/27/2012
Vulnerability Publication Date: 7/18/2012
Reference Information
CVE: CVE-2012-1948, CVE-2012-1949, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1955, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1967