Several issues were discovered in Seamonkey; they are expected to be fixed in the next upstream Seamonkey release.

CVE-2006-3807 MFSA 2006-51
CVE-2006-3809 MFSA 2006-53
CVE-2006-3812 MFSA 2006-56

Several flaws were found in the way Seamonkey processes certain JavaScript actions. A malicious web page could execute arbitrary JavaScript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware.

CVE-2006-3801 MFSA 2006-44
CVE-2006-3677 MFSA 2006-45
CVE-2006-3113 MFSA 2006-46
CVE-2006-3803 MFSA 2006-48
CVE-2006-3805 MFSA 2006-50
CVE-2006-3806 MFSA 2006-50
CVE-2006-3811 MFSA 2006-55

Several flaws were found in the way Seamonkey processes certain JavaScript actions. A malicious web page could execute arbitrary code as the user running the browser.

CVE-2006-3802 MFSA 2006-47
CVE-2006-3810 MFSA 2006-54

Several flaws were found in the way Seamonkey processes certain JavaScript actions. A malicious web page could conduct a cross-site scripting attack or steal sensitive information such as cookies owned by other domains.

CVE-2006-3808 MFSA 2006-52

A flaw was found in the way Seamonkey processes Proxy AutoConfig scripts. A malicious Proxy AutoConfig server could execute arbitrary JavaScript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware.

CVE-2006-3804 MFSA 2006-49

A buffer overflow flaw was found in the way Seamonkey displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard, it is possible to execute arbitrary code as the user running Seamonkey-mail.
These issues also affect the RHEL3 Seamonkey.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0609.html