Summary
This host is installed with SeaMonkey and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attackers to conduct spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
Impact Level: System/Application
Solution
Upgrade to SeaMonkey version 2.26 or later,
For updates refer to http://www.mozilla.com/en-US/seamonkey
Insight
Multiple flaws are due to,
- An error exists when handling Web Audio.
- An error exists when validating the XBL status of an object.
- A use-after-free error exists when processing HTML video in the Text Track Manager.
- An error exists when handling site notifications within the Web Notification API.
- An error exists when handling browser navigations through history to load a website.
- A use-after-free error exists when handling an imgLoader object within the 'nsGenericHTMLElement::GetWidthHeightForImage()' function.
- An error exists in NSS.
- A use-after-free error exists when handling host resolution within the 'libxul.so!nsHostResolver::ConditionallyRefreshRecord()' function.
- An error exists when handling the debugging of certain objects.
- And some unspecified errors exist.
Affected
SeaMonkey version before 2.26 on Mac OS X
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-1518, CVE-2014-1519, CVE-2014-1522, CVE-2014-1523, CVE-2014-1524, CVE-2014-1525, CVE-2014-1526, CVE-2014-1529, CVE-2014-1530, CVE-2014-1531, CVE-2014-1532 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Air Multiple Vulnerabilities - December12 (Windows)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
- Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
- Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities (Linux)