CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.4%
Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor.
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)
A memory corruption flaw was found in the way SeaMonkey decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2010-1205)
A same-origin policy bypass flaw was found in SeaMonkey. An attacker could create a malicious web page that, when viewed by a victim, could steal private data from a different website the victim has loaded with SeaMonkey. (CVE-2010-2754)
A flaw was found in the way SeaMonkey displayed the location bar when visiting a secure web page. A malicious server could use this flaw to present data that appears to originate from a secure server, even though it does not. (CVE-2010-2751)
All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2010:0546. The text
# itself is copyright (C) Red Hat, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(47880);
script_version("1.28");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2010-0654", "CVE-2010-1205", "CVE-2010-1206", "CVE-2010-1207", "CVE-2010-1208", "CVE-2010-1209", "CVE-2010-1210", "CVE-2010-1211", "CVE-2010-1212", "CVE-2010-1213", "CVE-2010-1214", "CVE-2010-1215", "CVE-2010-2751", "CVE-2010-2752", "CVE-2010-2753", "CVE-2010-2754", "CVE-2010-2760");
script_bugtraq_id(41174, 41824);
script_xref(name:"RHSA", value:"2010:0546");
script_name(english:"RHEL 3 / 4 : seamonkey (RHSA-2010:0546)");
script_summary(english:"Checks the rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Red Hat host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated SeaMonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 3 and 4.
The Red Hat Security Response Team has rated this update as having
critical security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.
SeaMonkey is an open source web browser, email and newsgroup client,
IRC chat client, and HTML editor.
Several flaws were found in the processing of malformed web content. A
web page containing malicious content could cause SeaMonkey to crash
or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2010-1211, CVE-2010-2753, CVE-2010-1214)
A memory corruption flaw was found in the way SeaMonkey decoded
certain PNG images. An attacker could create a specially crafted PNG
image that, when opened, could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user
running SeaMonkey. (CVE-2010-1205)
A same-origin policy bypass flaw was found in SeaMonkey. An attacker
could create a malicious web page that, when viewed by a victim, could
steal private data from a different website the victim has loaded with
SeaMonkey. (CVE-2010-2754)
A flaw was found in the way SeaMonkey displayed the location bar when
visiting a secure web page. A malicious server could use this flaw to
present data that appears to originate from a secure server, even
though it does not. (CVE-2010-2751)
All SeaMonkey users should upgrade to these updated packages, which
correct these issues. After installing the update, SeaMonkey must be
restarted for the changes to take effect."
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-1205"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-1211"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-1214"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-2751"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-2753"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/security/cve/cve-2010-2754"
);
script_set_attribute(
attribute:"see_also",
value:"https://access.redhat.com/errata/RHSA-2010:0546"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(94);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-chat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-dom-inspector");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-js-debugger");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-mail");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nspr-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:seamonkey-nss-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4.8");
script_set_attribute(attribute:"vuln_publication_date", value:"2010/02/18");
script_set_attribute(attribute:"patch_publication_date", value:"2010/07/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2010/07/28");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Red Hat Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^(3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x / 4.x", "Red Hat " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo))
{
rhsa = "RHSA-2010:0546";
yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
if (!empty_or_null(yum_report))
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : yum_report
);
exit(0);
}
else
{
audit_message = "affected by Red Hat security advisory " + rhsa;
audit(AUDIT_OS_NOT, audit_message);
}
}
else
{
flag = 0;
if (rpm_check(release:"RHEL3", reference:"seamonkey-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-chat-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-devel-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-dom-inspector-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-js-debugger-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-mail-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-nspr-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-nspr-devel-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-nss-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL3", reference:"seamonkey-nss-devel-1.0.9-0.57.el3")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-1.0.9-60.el4")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-chat-1.0.9-60.el4")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-devel-1.0.9-60.el4")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-dom-inspector-1.0.9-60.el4")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-js-debugger-1.0.9-60.el4")) flag++;
if (rpm_check(release:"RHEL4", reference:"seamonkey-mail-1.0.9-60.el4")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + redhat_report_package_caveat()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "seamonkey / seamonkey-chat / seamonkey-devel / etc");
}
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1206
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1207
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1208
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1209
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1210
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1211
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1212
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1213
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1214
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1215
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2751
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2760
access.redhat.com/errata/RHSA-2010:0546
access.redhat.com/security/cve/cve-2010-1205
access.redhat.com/security/cve/cve-2010-1211
access.redhat.com/security/cve/cve-2010-1214
access.redhat.com/security/cve/cve-2010-2751
access.redhat.com/security/cve/cve-2010-2753
access.redhat.com/security/cve/cve-2010-2754
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
98.4%