CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
100.0%
The remote Windows host is using SeaMonkey, an alternative web browser and application suite.
The installed version of SeaMonkey contains various security issues, some of which may lead to execution of arbitrary code on the affected host subject to the user’s privileges.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(21226);
script_version("1.21");
script_cve_id("CVE-2006-0748", "CVE-2006-0749", "CVE-2006-0884", "CVE-2006-1529",
"CVE-2006-1530", "CVE-2006-1531", "CVE-2006-1723", "CVE-2006-1724",
"CVE-2006-1725", "CVE-2006-1726", "CVE-2006-1727", "CVE-2006-1728",
"CVE-2006-1729", "CVE-2006-1730", "CVE-2006-1731", "CVE-2006-1732",
"CVE-2006-1733", "CVE-2006-1734", "CVE-2006-1735", "CVE-2006-1736",
"CVE-2006-1737", "CVE-2006-1738", "CVE-2006-1739", "CVE-2006-1740",
"CVE-2006-1790");
script_bugtraq_id(17516);
script_name(english:"SeaMonkey < 1.0.1 Multiple Vulnerabilities");
script_summary(english:"Checks version of SeaMonkey");
script_set_attribute(attribute:"synopsis", value:
"A web browser on the remote host is prone to multiple flaws." );
script_set_attribute(attribute:"description", value:
"The remote Windows host is using SeaMonkey, an alternative web browser
and application suite.
The installed version of SeaMonkey contains various security issues,
some of which may lead to execution of arbitrary code on the affected
host subject to the user's privileges." );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-20/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-21/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-22/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-23/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-24/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-25/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-27/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-28/" );
script_set_attribute(attribute:"see_also", value:"https://www.mozilla.org/en-US/security/advisories/mfsa2006-29/" );
script_set_attribute(attribute:"solution", value:
"Upgrade to SeaMonkey 1.0.1 or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 79, 119, 189, 264, 399);
script_set_attribute(attribute:"plugin_publication_date", value: "2006/04/14");
script_set_attribute(attribute:"vuln_publication_date", value: "2006/02/22");
script_cvs_date("Date: 2018/07/27 18:38:15");
script_set_attribute(attribute:"patch_publication_date", value: "2006/04/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:mozilla:seamonkey");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
script_dependencies("mozilla_org_installed.nasl");
script_require_keys("SeaMonkey/Version");
exit(0);
}
include("mozilla_version.inc");
port = get_kb_item("SMB/transport");
if (!port) port = 445;
installs = get_kb_list("SMB/SeaMonkey/*");
if (isnull(installs)) audit(AUDIT_NOT_INST, "SeaMonkey");
mozilla_check_version(installs:installs, product:'seamonkey', fix:'1.0.1', severity:SECURITY_HOLE);
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1529
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1531
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1723
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790
www.mozilla.org/en-US/security/advisories/mfsa2006-20/
www.mozilla.org/en-US/security/advisories/mfsa2006-21/
www.mozilla.org/en-US/security/advisories/mfsa2006-22/
www.mozilla.org/en-US/security/advisories/mfsa2006-23/
www.mozilla.org/en-US/security/advisories/mfsa2006-24/
www.mozilla.org/en-US/security/advisories/mfsa2006-25/
www.mozilla.org/en-US/security/advisories/mfsa2006-27/
www.mozilla.org/en-US/security/advisories/mfsa2006-28/
www.mozilla.org/en-US/security/advisories/mfsa2006-29/