Subject: | |
From: | |
Reply To: | |
Date: | Wed, 16 Dec 2009 13:25:18 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Critical: seamonkey security update
Issue date: 2009-12-15
CVE Names: CVE-2009-3979 CVE-2009-3983 CVE-2009-3984
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user
running SeaMonkey. (CVE-2009-3979)
A flaw was found in the SeaMonkey NT Lan Manager (NTLM) authentication
protocol implementation. If an attacker could trick a local user that
has NTLM credentials into visiting a specially-crafted web page, they
could send arbitrary requests, authenticated with the user's NTLM
credentials, to other applications on the user's system. (CVE-2009-3983)
A flaw was found in the way SeaMonkey displayed the SSL location bar
indicator. An attacker could create an unencrypted web page that appears
to be encrypted, possibly tricking the user into believing they are
visiting a secure page. (CVE-2009-3984)
After installing the update, SeaMonkey must be restarted for the changes
to take effect.
SL 3.0.x
SRPMS:
seamonkey-1.0.9-0.48.el3.src.rpm
i386:
seamonkey-1.0.9-0.48.el3.i386.rpm
seamonkey-chat-1.0.9-0.48.el3.i386.rpm
seamonkey-devel-1.0.9-0.48.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.48.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.48.el3.i386.rpm
seamonkey-mail-1.0.9-0.48.el3.i386.rpm
seamonkey-nspr-1.0.9-0.48.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.48.el3.i386.rpm
seamonkey-nss-1.0.9-0.48.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.48.el3.i386.rpm
x86_64:
seamonkey-1.0.9-0.48.el3.i386.rpm
seamonkey-1.0.9-0.48.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.48.el3.i386.rpm
seamonkey-chat-1.0.9-0.48.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.48.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.48.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.48.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.48.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.48.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.48.el3.i386.rpm
seamonkey-mail-1.0.9-0.48.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.48.el3.i386.rpm
seamonkey-nspr-1.0.9-0.48.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.48.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.48.el3.i386.rpm
seamonkey-nss-1.0.9-0.48.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.48.el3.x86_64.rpm
SL 4.x
SRPMS:
seamonkey-1.0.9-51.el4_8.src.rpm
i386:
seamonkey-1.0.9-51.el4_8.i386.rpm
seamonkey-chat-1.0.9-51.el4_8.i386.rpm
seamonkey-devel-1.0.9-51.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-51.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-51.el4_8.i386.rpm
seamonkey-mail-1.0.9-51.el4_8.i386.rpm
x86_64:
seamonkey-1.0.9-51.el4_8.i386.rpm
seamonkey-1.0.9-51.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-51.el4_8.i386.rpm
seamonkey-chat-1.0.9-51.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-51.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-51.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-51.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-51.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-51.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-51.el4_8.i386.rpm
seamonkey-mail-1.0.9-51.el4_8.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|