What Are You Looking For?

Sign Up
Date:         Fri, 19 Feb 2010 14:07:34 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Critical: seamonkey on SL3.x, SL4.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Critical: seamonkey security update
Issue date:	2010-02-17
CVE Names:	CVE-2009-1571 CVE-2010-0159

CVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA 
2010-01)
CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03)

A use-after-free flaw was found in SeaMonkey. Under low memory 
conditions, visiting a web page containing malicious content could 
result in SeaMonkey executing arbitrary code with the privileges of the 
user running SeaMonkey. (CVE-2009-1571)

Several flaws were found in the processing of malformed web content. A 
web page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user 
running SeaMonkey. (CVE-2010-0159)

After installing the update, SeaMonkey must be restarted for the changes 
to take effect.

SL 3.0.x

      SRPMS:
seamonkey-1.0.9-0.50.el3.src.rpm
      i386:
seamonkey-1.0.9-52.el4_8.i386.rpm
seamonkey-chat-1.0.9-52.el4_8.i386.rpm
seamonkey-devel-1.0.9-52.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm
seamonkey-mail-1.0.9-52.el4_8.i386.rpm
      x86_64:
seamonkey-1.0.9-52.el4_8.i386.rpm
seamonkey-1.0.9-52.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-52.el4_8.i386.rpm
seamonkey-chat-1.0.9-52.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-52.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-52.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-52.el4_8.i386.rpm
seamonkey-mail-1.0.9-52.el4_8.x86_64.rpm

SL 4.x

      SRPMS:
seamonkey-1.0.9-52.el4_8.src.rpm
      i386:
seamonkey-1.0.9-0.50.el3.i386.rpm
seamonkey-chat-1.0.9-0.50.el3.i386.rpm
seamonkey-devel-1.0.9-0.50.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm
seamonkey-mail-1.0.9-0.50.el3.i386.rpm
seamonkey-nspr-1.0.9-0.50.el3.i386.rpm
seamonkey-nspr-devel-1.0.9-0.50.el3.i386.rpm
seamonkey-nss-1.0.9-0.50.el3.i386.rpm
seamonkey-nss-devel-1.0.9-0.50.el3.i386.rpm
      x86_64:
seamonkey-1.0.9-0.50.el3.i386.rpm
seamonkey-1.0.9-0.50.el3.x86_64.rpm
seamonkey-chat-1.0.9-0.50.el3.i386.rpm
seamonkey-chat-1.0.9-0.50.el3.x86_64.rpm
seamonkey-devel-1.0.9-0.50.el3.x86_64.rpm
seamonkey-dom-inspector-1.0.9-0.50.el3.i386.rpm
seamonkey-dom-inspector-1.0.9-0.50.el3.x86_64.rpm
seamonkey-js-debugger-1.0.9-0.50.el3.i386.rpm
seamonkey-js-debugger-1.0.9-0.50.el3.x86_64.rpm
seamonkey-mail-1.0.9-0.50.el3.i386.rpm
seamonkey-mail-1.0.9-0.50.el3.x86_64.rpm
seamonkey-nspr-1.0.9-0.50.el3.i386.rpm
seamonkey-nspr-1.0.9-0.50.el3.x86_64.rpm
seamonkey-nspr-devel-1.0.9-0.50.el3.x86_64.rpm
seamonkey-nss-1.0.9-0.50.el3.i386.rpm
seamonkey-nss-1.0.9-0.50.el3.x86_64.rpm
seamonkey-nss-devel-1.0.9-0.50.el3.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2009-1571 Critical: seamonkey SL3.x, SL4.x i386/x86_64

Critical: seamonkey security update

Summary

CVE-2009-1571 Mozilla incorrectly frees used memory (MFSA 2010-03)A use-after-free flaw was found in SeaMonkey. Under low memoryconditions, visiting a web page containing malicious content couldresult in SeaMonkey executing arbitrary code with the privileges of theuser running SeaMonkey. (CVE-2009-1571)Several flaws were found in the processing of malformed web content. Aweb page containing malicious content could cause SeaMonkey to crash or,potentially, execute arbitrary code with the privileges of the userrunning SeaMonkey. (CVE-2010-0159)After installing the update, SeaMonkey must be restarted for the changesto take effect.SL 3.0.xSRPMS:seamonkey-1.0.9-0.50.el3.src.rpmi386:seamonkey-1.0.9-52.el4_8.i386.rpmseamonkey-chat-1.0.9-52.el4_8.i386.rpmseamonkey-devel-1.0.9-52.el4_8.i386.rpmseamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpmseamonkey-js-debugger-1.0.9-52.el4_8.i386.rpmseamonkey-mail-1.0.9-52.el4_8.i386.rpmx86_64:seamonkey-1.0.9-52.el4_8.i386.rpmseamonkey-1.0.9-52.el4_8.x86_64.rpmseamonkey-chat-1.0.9-52.el4_8.i386.rpmseamonkey-chat-1.0.9-52.el4_8.x86_64.rpmseamonkey-devel-1.0.9-52.el4_8.x86_64.rpmseamonkey-dom-inspector-1.0.9-52.el4_8.i386.rpmseamonkey-dom-inspector-1.0.9-52.el4_8.x86_64.rpmseamonkey-js-debugger-1.0.9-52.el4_8.i386.rpmseamonkey-js-debugger-1.0.9-52.el4_8.x86_64.rpmseamonkey-mail-1.0.9-52.el4_8.i386.rpmseamonkey-mail-1.0.9-52.el4_8.x86_64.rpm



Security Fixes

Severity
Issued Date: : 2010-02-17
CVE Names: CVE-2009-1571 CVE-2010-0159
CVE-2010-0159 Mozilla crashes with evidence of memory corruption (MFSA
2010-01)

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo