Red Hat released three new security updates this evening.
RHSA-2007:0722 Critical: seamonkey security update
This update addresses several vulnerabilities in the seamonkey packages for Red Hat Enterprise Linux 2.1, 3, and 4. A list of vulnerabilities is included in Table 1 below. The Red Hat Security Response Team has rated this update as having critical security impact.
| CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 | A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. |
| CVE-2007-3736 CVE-2007-3089 | A web page containing malicious JavaScript code could inject arbitrary content into other web pages. |
| CVE-2007-3656 | A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. |
RHSA-2007:0723 Moderate: thunderbird security update
This update addresses several vulnerabilities in the thunderbird packages for Red Hat Enterprise Linux 4 and 5. A list of vulnerabilities is included in Table 2 below. The Red Hat Security Response Team has rated this update as having moderate security impact.
| CVE-2007-3089 CVE-2007-3734 CVE-2007-3735 CVE-2007-3736 CVE-2007-3737 CVE-2007-3738 | A malicious HTML email message containing JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. |
RHSA-2007:0724 Critical: firefox security update
This update addresses several vulnerabilities in the firefox packages for Red Hat Enterprise Linux 4 and 5. A list of vulnerabilities is included in Table 3 below. The Red Hat Security Response Team has rated this update as having critical security impact.
| CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 | A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. |
| CVE-2007-3736 CVE-2007-3089 | A web page containing malicious JavaScript code could inject arbitrary content into other web pages. |
| CVE-2007-3656 | A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. |
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!