
Test ID: 1.3.6.1.4.1.25623.1.0.900312
Category: Web application abuses
Title: Mozilla Seamonkey Multiple Vulnerabilities (Feb 2009) - Windows
Summary: Mozilla Seamonkey browser is prone to multiple vulnerabilities.
Description:
Summary:
Mozilla Seamonkey browser is prone to multiple vulnerabilities.

Vulnerability Insight:
Multiple flaws due to:

- Vectors related to the layout engine and destruction of arbitrary layout
objects by the 'nsViewManager::Composite' function.

- Cookies marked 'HTTPOnly' are readable by JavaScript through the request
calls of XMLHttpRequest methods i.e. XMLHttpRequest.getAllResponseHeaders
and XMLHttpRequest.getResponseHeader.

Vulnerability Impact:
Successful exploitation could result in the bypass of certain security
restrictions, information disclosure, and execution of JavaScript code
with the privileges of the signed users.

Affected Software/OS:
Seamonkey versions prior to 1.1.15 on Windows.

Solution:
Upgrade to Seamonkey version 1.1.15.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2009-0352
1021663
http://www.securitytracker.com/id?1021663
33598
http://www.securityfocus.com/bid/33598
33799
http://secunia.com/advisories/33799
33802
http://secunia.com/advisories/33802
33808
http://secunia.com/advisories/33808
33809
http://secunia.com/advisories/33809
33816
http://secunia.com/advisories/33816
33831
http://secunia.com/advisories/33831
33841
http://secunia.com/advisories/33841
33846
http://secunia.com/advisories/33846
33869
http://secunia.com/advisories/33869
34324
http://secunia.com/advisories/34324
34387
http://secunia.com/advisories/34387
34417
http://secunia.com/advisories/34417
34462
http://secunia.com/advisories/34462
34464
http://secunia.com/advisories/34464
34527
http://secunia.com/advisories/34527
ADV-2009-0313
http://www.vupen.com/english/advisories/2009/0313
DSA-1830
http://www.debian.org/security/2009/dsa-1830
FEDORA-2009-1399
https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html
FEDORA-2009-2882
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
FEDORA-2009-2884
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
FEDORA-2009-3101
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
MDVSA-2009:044
http://www.mandriva.com/security/advisories?name=MDVSA-2009:044
MDVSA-2009:083
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
RHSA-2009:0256
http://rhn.redhat.com/errata/RHSA-2009-0256.html
RHSA-2009:0257
http://www.redhat.com/support/errata/RHSA-2009-0257.html
RHSA-2009:0258
http://www.redhat.com/support/errata/RHSA-2009-0258.html
SSA:2009-083-02
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
SSA:2009-083-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
SUSE-SA:2009:009
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
SUSE-SA:2009:023
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
USN-717-1
http://www.ubuntu.com/usn/usn-717-1
USN-741-1
https://usn.ubuntu.com/741-1/
http://support.avaya.com/elmodocs2/security/ASA-2009-040.htm
http://www.mozilla.org/security/announce/2009/mfsa2009-01.html
https://bugzilla.mozilla.org/show_bug.cgi?id=331088
https://bugzilla.mozilla.org/show_bug.cgi?id=401042
https://bugzilla.mozilla.org/show_bug.cgi?id=416461
https://bugzilla.mozilla.org/show_bug.cgi?id=420697
https://bugzilla.mozilla.org/show_bug.cgi?id=421839
https://bugzilla.mozilla.org/show_bug.cgi?id=422283
https://bugzilla.mozilla.org/show_bug.cgi?id=422301
https://bugzilla.mozilla.org/show_bug.cgi?id=431705
https://bugzilla.mozilla.org/show_bug.cgi?id=437142
https://bugzilla.mozilla.org/show_bug.cgi?id=449006
https://bugzilla.mozilla.org/show_bug.cgi?id=461027
oval:org.mitre.oval:def:10699
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10699
Common Vulnerability Exposure (CVE) ID: CVE-2009-0353
https://bugzilla.mozilla.org/show_bug.cgi?id=452913
oval:org.mitre.oval:def:11193
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11193
Common Vulnerability Exposure (CVE) ID: CVE-2009-0356
1021666
http://www.securitytracker.com/id?1021666
http://www.mozilla.org/security/announce/2009/mfsa2009-04.html
https://bugzilla.mozilla.org/show_bug.cgi?id=460425
oval:org.mitre.oval:def:9922
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9922
Common Vulnerability Exposure (CVE) ID: CVE-2009-0357
1021668
http://www.securitytracker.com/id?1021668
USN-717-2
http://www.ubuntu.com/usn/usn-717-2
http://ha.ckers.org/blog/20070511/bluehat-errata/
http://www.mozilla.org/security/announce/2009/mfsa2009-05.html
https://bugzilla.mozilla.org/show_bug.cgi?id=380418
oval:org.mitre.oval:def:9459
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9459
Copyright: Copyright (C) 2009 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.