Oval Definition:	oval:com.redhat.rhsa:def:20111344
Revision Date: 2011-09-28 Version: 637 Title: RHSA-2011:1344: seamonkey security update (Critical) Description: SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. (CVE-2011-2999) An integer underflow flaw was found in the way SeaMonkey handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2011-2998) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect. Family: unix Class: patch Status: Reference(s): CVE-2011-2998 CVE-2011-2999 RHSA-2011:1344 RHSA-2011:1344-01 RHSA-2011:1344-01 Platform(s): Red Hat Enterprise Linux 4 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 4 is installed AND seamonkey is earlier than 0:1.0.9-76.el4 AND seamonkey is signed with Red Hat redhatrelease2 key seamonkey-chat is earlier than 0:1.0.9-76.el4 AND seamonkey-chat is signed with Red Hat redhatrelease2 key seamonkey-devel is earlier than 0:1.0.9-76.el4 AND seamonkey-devel is signed with Red Hat redhatrelease2 key seamonkey-dom-inspector is earlier than 0:1.0.9-76.el4 AND seamonkey-dom-inspector is signed with Red Hat redhatrelease2 key seamonkey-js-debugger is earlier than 0:1.0.9-76.el4 AND seamonkey-js-debugger is signed with Red Hat redhatrelease2 key seamonkey-mail is earlier than 0:1.0.9-76.el4 AND seamonkey-mail is signed with Red Hat redhatrelease2 key
BACK