Software-update: Mozilla SeaMonkey 2.1 RC 2.
Seamonkey 2.46 code#
Multiple unspecified vulnerabilities in the browser engine in Seamonkey before 2.46 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.Copy Code CSS box-align example div. SeaMonkey is de voortzetting van de voormalige Mozilla Application Suite en bestaat uit een webbrowser en programmas om te e-mailen en nieuws te lezen. Seamonkey before 2.46 relies on unintended expiration dates for Preloaded Public Key Pinning, which allows man-in-the-middle attackers to spoof add-on updates by leveraging possession of an X.509 server certificate for signed by an arbitrary built-in Certification Authority.
Seamonkey 2.46 install#
Use-after-free vulnerability in the DOMSVGLength class in Seamonkey before 2.46 allows remote attackers to execute arbitrary code by leveraging improper interaction between JavaScript code and an SVG document. Desktop Central helps you to silently install or uninstall software to servers and desktops from a central place, including commercial software like Microsoft Office, Adobe Acrobat etc, without user intervention. Use-after-free vulnerability in the mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap function in Seamonkey before 2.46 allows remote attackers to execute arbitrary code via bidirectional text. Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Seamonkey before 2.46 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image. Use-after-free vulnerability in the nsRefreshDriver::Tick function in Seamonkey before 2.46 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation. Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Seamonkey before 2.46 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation. Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Seamonkey before 2.46 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute. The nsImageGeometryMixin class in Seamonkey before 2.46 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. The PropertyProvider::GetSpacingInternal function in Seamonkey before 2.46 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via text runs in conjunction with a "display: contents" Cascading Style Sheets (CSS) property. Says 2.46 is available Downloads Restart to install Installs Result: 'This application failed to initialize properly (0xc000001d)' No crash or anything like that, simply does not run.
Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Seamonkey before 2.46 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion. Updated Iceape packages derived from Seamonkey include security fixes from Mozilla Firefox: