Gentoo Security Advisory GLSA 200805-18 (mozilla ...) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200805-18.

Solution

Upgrade to the latest package. For details, please visit the referenced security advisory. NOTE: The crash vulnerability (CVE-2008-1380) is currently unfixed in the SeaMonkey binary ebuild, as no precompiled packages have been released. Until an update is available, we recommend all SeaMonkey users to disable JavaScript, use Firefox for JavaScript-enabled browsing, or switch to the SeaMonkey source ebuild. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200805-18 http://bugs.gentoo.org/show_bug.cgi?id=208128 http://bugs.gentoo.org/show_bug.cgi?id=214816 http://bugs.gentoo.org/show_bug.cgi?id=218065

Insight

Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code.

Severity

Classification

Related Vulnerabilities

Gentoo Security Advisory GLSA 200404-21 (samba)
Gentoo Security Advisory GLSA 200401-04 (GAIM)
Gentoo Security Advisory GLSA 200409-03 (Python)
Gentoo Security Advisory GLSA 200403-02 (Kernel)
Gentoo Security Advisory GLSA 200405-17 (metamail)

Take action and discover your vulnerabilities