openSUSE Security Update: seamonkey: 1.1.19 security update
Announcement ID: openSUSE-SU-2010:0273-1
Cross-References: CVE-2009-0689 CVE-2009-2463 CVE-2009-3072
CVE-2009-3075 CVE-2009-3077 CVE-2009-3376
CVE-2009-3385 CVE-2009-3983 CVE-2010-0161
An update that fixes 10 vulnerabilities is now available.
It includes one version update.
This update brings Mozilla Seamonkey to 1.1.19 fixing
various bugs and security issues.
Following security issues are fixed: MFSA 2010-07: Mozilla
developers took fixes from previously fixed memory safety
bugs in newer Mozilla-based products and ported them to the
Mozilla 1.8.1 branch so they can be utilized by Thunderbird
2 and SeaMonkey 1.1.
Paul Fisher reported a crash when joined to an Active
Directory server under Vista or Windows 7 and using SSPI
authentication. (CVE-2010-0161) Ludovic Hirlimann reported
a crash indexing some messages with attachments
(CVE-2010-0163) Carsten Book reported a crash in the
crash in the BinHex decoder used on non-Mac platforms.
(CVE-2009-3072) monarch2000 reported an integer overflow in
a base64 decoding function (CVE-2009-2463)
MFSA 2009-68 / CVE-2009-3983: Security researcher Takehiro
Takahashi of the IBM X-Force reported that Mozilla's NTLM
implementation was vulnerable to reflection attacks in
which NTLM credentials from one application could be
forwarded to another arbitary application via the browser.
If an attacker could get a user to visit a web page he
controlled he could force NTLM authenticated requests to be
forwarded to another application on behalf of the user.
MFSA 2009-62 / CVE-2009-3376: Mozilla security researchers
Jesse Ruderman and Sid Stamm reported that when downloading
a file containing a right-to-left override character (RTL)
in the filename, the name displayed in the dialog title bar
conflicts with the name of the file shown in the dialog
body. An attacker could use this vulnerability to obfuscate
the name and file extension of a file to be downloaded and
opened, potentially causing a user to run an executable
file when they expected to open a non-executable file.
MFSA 2009-59 / CVE-2009-0689: Security researcher Alin Rad
Pop of Secunia Research reported a heap-based buffer
overflow in Mozilla's string to floating point number
conversion routines. Using this vulnerability an attacker
very long string to be converted to a floating point number
which would result in improper memory allocation and the
execution of an arbitrary memory location. This
vulnerability could thus be leveraged by the attacker to
run arbitrary code on a victim's computer.
Update: The underlying flaw in the dtoa routines used by
Mozilla appears to be essentially the same as that reported
against the libc gdtoa routine by Maksymilian Arciemowicz.
MFSA 2010-06 / CVE-2009-3385: Security researcher Georgi
Guninski reported that scriptable plugin content, such as
Flash objects, could be loaded and executed in SeaMonkey
mail messages by embedding the content in an iframe inside
the message. If a user were to reply to or forward such a
content could potentially steal the contents of the message
or files from the local filesystem.
MFSA 2009-49 / CVE-2009-3077: An anonymous security
researcher, via TippingPoint's Zero Day Initiative,
reported that the columns of a XUL tree element could be
manipulated in a particular way which would leave a pointer
owned by the column pointing to freed memory. An attacker
could potentially use this vulnerability to crash a
victim's browser and run arbitrary code on the victim's
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 11.1:
zypper in -t patch seamonkey-2388
- openSUSE 11.0:
zypper in -t patch seamonkey-2388
To bring your system up-to-date, use "zypper patch".
- openSUSE 11.1 (i586 ppc src x86_64) [New Version: 1.1.19]:
- openSUSE 11.1 (i586 ppc x86_64) [New Version: 1.1.19]:
- openSUSE 11.0 (i586 ppc src x86_64) [New Version: 1.1.19]:
- openSUSE 11.0 (i586 ppc x86_64) [New Version: 1.1.19]: