English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.804094
Categoría:General
Título:SeaMonkey Multiple Vulnerabilities-01 Feb14 (Windows)
Resumen:This host is installed with SeaMonkey and is prone to multiple;vulnerabilities.
Descripción:Summary:
This host is installed with SeaMonkey and is prone to multiple
vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error when handling XML Binding Language (XBL) content scopes.

- An error when handling discarded images within the 'RasterImage' class.

- An error related to the 'document.caretPositionFromPoint()' and
'document.elementFromPoint()' functions.

- An error when handling XSLT stylesheets.

- A use-after-free error related to certain content types when used with the
'imgRequestProxy()' function.

- An error when handling web workers error messages.

- An error when terminating a web worker running asm.js code after passing an
object between threads.

- A race condition error when handling session tickets within libssl.

- An error when handling JavaScript native getters on window objects.

- Additionally, a weakness exists when handling the dialog for saving downloaded
files.

Vulnerability Impact:
Successful exploitation will allow attackers to bypass certain security
restrictions and compromise a user's system.

Affected Software/OS:
SeaMonkey version before 2.24 on Windows

Solution:
Upgrade to SeaMonkey version 2.24 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-1477
BugTraq ID: 65317
http://www.securityfocus.com/bid/65317
Debian Security Information: DSA-2858 (Google Search)
http://www.debian.org/security/2014/dsa-2858
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html
https://security.gentoo.org/glsa/201504-01
http://osvdb.org/102864
RedHat Security Advisories: RHSA-2014:0132
http://rhn.redhat.com/errata/RHSA-2014-0132.html
RedHat Security Advisories: RHSA-2014:0133
http://rhn.redhat.com/errata/RHSA-2014-0133.html
http://www.securitytracker.com/id/1029717
http://www.securitytracker.com/id/1029720
http://www.securitytracker.com/id/1029721
http://secunia.com/advisories/56706
http://secunia.com/advisories/56761
http://secunia.com/advisories/56763
http://secunia.com/advisories/56767
http://secunia.com/advisories/56787
http://secunia.com/advisories/56858
http://secunia.com/advisories/56888
SuSE Security Announcement: SUSE-SU-2014:0248 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html
SuSE Security Announcement: openSUSE-SU-2014:0212 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html
SuSE Security Announcement: openSUSE-SU-2014:0213 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html
SuSE Security Announcement: openSUSE-SU-2014:0419 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html
http://www.ubuntu.com/usn/USN-2102-1
http://www.ubuntu.com/usn/USN-2102-2
http://www.ubuntu.com/usn/USN-2119-1
XForce ISS Database: firefox-cve20141477-code-exec(90899)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90899
Common Vulnerability Exposure (CVE) ID: CVE-2014-1478
BugTraq ID: 65324
http://www.securityfocus.com/bid/65324
http://osvdb.org/102865
http://secunia.com/advisories/56922
XForce ISS Database: firefox-cve20141478-code-exec(90900)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90900
Common Vulnerability Exposure (CVE) ID: CVE-2014-1479
BugTraq ID: 65320
http://www.securityfocus.com/bid/65320
http://osvdb.org/102866
XForce ISS Database: firefox-cve20141479-sec-bypass(90898)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90898
Common Vulnerability Exposure (CVE) ID: CVE-2014-1480
BugTraq ID: 65331
http://www.securityfocus.com/bid/65331
http://osvdb.org/102867
XForce ISS Database: firefox-cve20141480-spoofing(90897)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90897
Common Vulnerability Exposure (CVE) ID: CVE-2014-1481
BugTraq ID: 65326
http://www.securityfocus.com/bid/65326
http://osvdb.org/102863
XForce ISS Database: firefox-cve20141481-sec-bypass(90883)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90883
Common Vulnerability Exposure (CVE) ID: CVE-2014-1482
BugTraq ID: 65328
http://www.securityfocus.com/bid/65328
http://osvdb.org/102868
XForce ISS Database: firefox-cve20141482-code-exec(90894)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90894
Common Vulnerability Exposure (CVE) ID: CVE-2014-1483
BugTraq ID: 65316
http://www.securityfocus.com/bid/65316
http://osvdb.org/102869
XForce ISS Database: firefox-cve20141483-info-disc(90893)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90893
Common Vulnerability Exposure (CVE) ID: CVE-2014-1485
BugTraq ID: 65322
http://www.securityfocus.com/bid/65322
http://osvdb.org/102871
XForce ISS Database: firefox-xslt-cve20141485xss(90891)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90891
Common Vulnerability Exposure (CVE) ID: CVE-2014-1486
BugTraq ID: 65334
http://www.securityfocus.com/bid/65334
http://osvdb.org/102872
XForce ISS Database: firefox-cve20141486-code-exec(90890)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90890
Common Vulnerability Exposure (CVE) ID: CVE-2014-1487
BugTraq ID: 65330
http://www.securityfocus.com/bid/65330
http://osvdb.org/102873
XForce ISS Database: mozilla-cve20141487-info-disc(90889)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90889
Common Vulnerability Exposure (CVE) ID: CVE-2014-1488
BugTraq ID: 65321
http://www.securityfocus.com/bid/65321
http://osvdb.org/102875
XForce ISS Database: firefox-cve20141488-dos(90887)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90887
Common Vulnerability Exposure (CVE) ID: CVE-2014-1490
BugTraq ID: 65335
http://www.securityfocus.com/bid/65335
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://seclists.org/fulldisclosure/2014/Dec/23
http://osvdb.org/102876
XForce ISS Database: mozilla-nss-cve20141490-code-exec(90885)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90885
Common Vulnerability Exposure (CVE) ID: CVE-2014-1491
BugTraq ID: 65332
http://www.securityfocus.com/bid/65332
Debian Security Information: DSA-2994 (Google Search)
http://www.debian.org/security/2014/dsa-2994
XForce ISS Database: firefox-nss-cve20141491-unspecified(90886)
https://exchange.xforce.ibmcloud.com/vulnerabilities/90886
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2024 E-Soft Inc. Todos los derechos reservados.