SeaMonkey < 1.1.8 Multiple Vulnerabilities

NASLDB: SeaMonkey < 1.1.8 Multiple Vulnerabilities

General

ID: 30210
Name: SeaMonkey < 1.1.8 Multiple Vulnerabilities

Summary: Checks version of SeaMonkey

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Port: –
Family: Windows
Type: Local

Description

The installed version of SeaMonkey is affected by various security
issues :

– Several stability bugs leading to crashes which, in
some cases, show traces of memory corruption

– Several file input focus stealing vulnerabilities
that could result in uploading of arbitrary files
provided their full path and file names are known.

– Several issues that allow scripts from page content
to escape from their sandboxed context and/or run
with chrome privileges, resulting in privilege
escalation, XSS, and/or remote code execution.

– A directory traversal vulnerability via the
‘chrome:’ URI.

– A vulnerability involving ‘designMode’ frames that
may result in web browsing history and forward
navigation stealing.

– An information disclosure issue in the BMP
decoder.

– Mis-handling of locally-saved plain text files.

– Possible disclosure of sensitive URL parameters,
such as session tokens, via the .href property of
stylesheet DOM nodes reflecting the final URI of
the stylesheet after following any 302 redirects.

– A heap buffer overflow that can be triggered
when viewing an email with an external MIME
body.

– Multiple cross-site scripting vulnerabilities
related to character encoding.