General : Mozilla Seamonkey Multiple Vulnerabilities-01 (Mac OS X)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.803645
Kategorie:	General
Titel:	Mozilla Seamonkey Multiple Vulnerabilities-01 (Mac OS X)
Zusammenfassung:	The host is installed with Mozilla Seamonkey and is prone to multiple; vulnerabilities.
Beschreibung:	Summary: The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to - memory corruption issues - An error within Chrome Object Wrapper (COW) when handling the 'InstallTrigger' object can be exploited to access certain privileged functions and properties. - Use-after-free in the IME State Manager code. - combination of invoking full screen mode and navigating backwards in history could, in some circumstances, cause a hang or crash due to a timing dependent use-after-free pointer reference. - Several methods of a feature used for testing (DOMWindowUtils) are not protected by existing security checks, allowing these methods to be called through script by web pages. - An error when GetProperty function is invoked through JSAPI, security checking can be bypassed when getting cross-origin properties. - An issue with spoofing of the location property. - Use-after-free, buffer overflow, and out of bounds read issues. - The location property can be accessed by binary plugins through top.location and top can be shadowed by Object.define Property as well. This can allow for possible XSS attacks through plugins. - several memory safety bugs in the browser engine used in mozilla products. Vulnerability Impact: Successful exploitation will let attackers to conduct cross site scripting attacks, cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. Affected Software/OS: SeaMonkey versions before 2.13 on Mac OS X Solution: Upgrade to SeaMonkey version to 2.13 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 55856 Common Vulnerability Exposure (CVE) ID: CVE-2012-4188 Debian Security Information: DSA-2565 (Google Search) http://www.debian.org/security/2012/dsa-2565 Debian Security Information: DSA-2569 (Google Search) http://www.debian.org/security/2012/dsa-2569 Debian Security Information: DSA-2572 (Google Search) http://www.debian.org/security/2012/dsa-2572 http://www.mandriva.com/security/advisories?name=MDVSA-2012:163 http://osvdb.org/86096 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16964 RedHat Security Advisories: RHSA-2012:1351 http://rhn.redhat.com/errata/RHSA-2012-1351.html http://secunia.com/advisories/50856 http://secunia.com/advisories/50892 http://secunia.com/advisories/50904 http://secunia.com/advisories/50935 http://secunia.com/advisories/50936 http://secunia.com/advisories/50984 http://secunia.com/advisories/51181 http://secunia.com/advisories/55318 SuSE Security Announcement: SUSE-SU-2012:1351 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://www.ubuntu.com/usn/USN-1611-1 XForce ISS Database: firefox-convolve3x3-bo(79165) https://exchange.xforce.ibmcloud.com/vulnerabilities/79165 Common Vulnerability Exposure (CVE) ID: CVE-2012-4187 BugTraq ID: 56125 http://www.securityfocus.com/bid/56125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16425 Common Vulnerability Exposure (CVE) ID: CVE-2012-4186 http://osvdb.org/86117 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16193 XForce ISS Database: firefox-nswavereader-bo(79163) https://exchange.xforce.ibmcloud.com/vulnerabilities/79163 Common Vulnerability Exposure (CVE) ID: CVE-2012-4185 BugTraq ID: 56127 http://www.securityfocus.com/bid/56127 http://osvdb.org/86116 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16009 XForce ISS Database: firefox-nschartraitslength-bo(79162) https://exchange.xforce.ibmcloud.com/vulnerabilities/79162 Common Vulnerability Exposure (CVE) ID: CVE-2012-4184 BugTraq ID: 56120 http://www.securityfocus.com/bid/56120 http://osvdb.org/86113 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16946 XForce ISS Database: firefox-cow-xss(79154) https://exchange.xforce.ibmcloud.com/vulnerabilities/79154 Common Vulnerability Exposure (CVE) ID: CVE-2012-3982 BugTraq ID: 55924 http://www.securityfocus.com/bid/55924 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16612 Common Vulnerability Exposure (CVE) ID: CVE-2012-3990 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16642 XForce ISS Database: firefox-nsicontent-code-exec(79172) https://exchange.xforce.ibmcloud.com/vulnerabilities/79172 Common Vulnerability Exposure (CVE) ID: CVE-2012-3988 http://osvdb.org/86109 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16334 XForce ISS Database: firefox-full-screen-code-exec(79149) https://exchange.xforce.ibmcloud.com/vulnerabilities/79149 Common Vulnerability Exposure (CVE) ID: CVE-2012-3986 BugTraq ID: 55922 http://www.securityfocus.com/bid/55922 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16834 Common Vulnerability Exposure (CVE) ID: CVE-2012-3991 BugTraq ID: 55930 http://www.securityfocus.com/bid/55930 http://osvdb.org/86098 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16646 Common Vulnerability Exposure (CVE) ID: CVE-2012-3992 BugTraq ID: 56128 http://www.securityfocus.com/bid/56128 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16987 Common Vulnerability Exposure (CVE) ID: CVE-2012-4183 BugTraq ID: 56140 http://www.securityfocus.com/bid/56140 http://osvdb.org/86095 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16850 XForce ISS Database: firefox-domsvgtests-code-exec(79161) https://exchange.xforce.ibmcloud.com/vulnerabilities/79161 Common Vulnerability Exposure (CVE) ID: CVE-2012-4182 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16191 XForce ISS Database: firefox-nstexteditrules-code-exec(79160) https://exchange.xforce.ibmcloud.com/vulnerabilities/79160 Common Vulnerability Exposure (CVE) ID: CVE-2012-4181 BugTraq ID: 56130 http://www.securityfocus.com/bid/56130 http://osvdb.org/86100 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16523 XForce ISS Database: firefox-nssmilanimationcontroller-code-exec(79159) https://exchange.xforce.ibmcloud.com/vulnerabilities/79159 Common Vulnerability Exposure (CVE) ID: CVE-2012-4180 http://osvdb.org/86099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16428 XForce ISS Database: firefox-isprevcharinnode-bo(79158) https://exchange.xforce.ibmcloud.com/vulnerabilities/79158 Common Vulnerability Exposure (CVE) ID: CVE-2012-4179 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16882 XForce ISS Database: firefox-createcsspropertytxn-code-exec(79157) https://exchange.xforce.ibmcloud.com/vulnerabilities/79157 Common Vulnerability Exposure (CVE) ID: CVE-2012-3995 BugTraq ID: 56136 http://www.securityfocus.com/bid/56136 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16808 XForce ISS Database: firefox-iscsswordspacingspace-code-exec(79156) https://exchange.xforce.ibmcloud.com/vulnerabilities/79156 Common Vulnerability Exposure (CVE) ID: CVE-2012-3994 BugTraq ID: 56118 http://www.securityfocus.com/bid/56118 http://osvdb.org/86110 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16798 Common Vulnerability Exposure (CVE) ID: CVE-2012-3993 BugTraq ID: 56119 http://www.securityfocus.com/bid/56119 http://osvdb.org/86111 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16718 XForce ISS Database: firefox-cow-privilege-escalation(79153) https://exchange.xforce.ibmcloud.com/vulnerabilities/79153 Common Vulnerability Exposure (CVE) ID: CVE-2012-3983 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16901
Copyright	Copyright (C) 2012 Greenbone Networks GmbH