1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2007-2795

[FEDORA-2007-2795] Fedora 8: seamonkey

Severity High
Affected Packages 1
CVEs 9
Info Packages References Vulnerabilities

SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334).

Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340).

Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292).

The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337).

Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues.

Package Affected Version
pkg:rpm/fedora/seamonkey?distro=fedora-8 < 1.1.5.2.fc8
ID
FEDORA-2007-2795
Severity
high
Severity from
CVE-2007-5338
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2007-2795
Published
2007-11-06T16:05:16
(17 years ago)
Modified
2007-11-06T16:05:16
(17 years ago)
Rights
Copyright 2007 Red Hat, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/seamonkey?distro=fedora-8 fedora seamonkey < 1.1.5.2.fc8 fedora-8
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date