Lucene search

K

[email protected]CVE-2009-1841

HistoryJun 12, 2009 - 9:30 p.m.

CVE-2009-1841

2009-06-1221:30:00

CWE-94

[email protected]

web.nvd.nist.gov

48

mozilla

firefox

thunderbird

seamonkey

remote code execution

vulnerability

nvd

cve-2009-1841

9.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.3%

js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyeq1.1.10
mozilla:firefoxmozilla firefoxeq0.1
mozilla:thunderbirdmozilla thunderbirdeq1.5.0.7
mozilla:firefoxmozilla firefoxeq0.9_rc
mozilla:thunderbirdmozilla thunderbirdeq0.6
mozilla:seamonkeymozilla seamonkeyeq1.0.3
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq2.0.0.12
mozilla:thunderbirdmozilla thunderbirdeq0.7.2
mozilla:firefoxmozilla firefoxeq1.5

Rows per page:

1-10 of 1801

References

osvdb.org/55159

rhn.redhat.com/errata/RHSA-2009-1096.html

secunia.com/advisories/35331

secunia.com/advisories/35415

secunia.com/advisories/35428

secunia.com/advisories/35431

secunia.com/advisories/35439

secunia.com/advisories/35440

secunia.com/advisories/35468

secunia.com/advisories/35536

secunia.com/advisories/35561

secunia.com/advisories/35602

secunia.com/advisories/35882

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

www.debian.org/security/2009/dsa-1820

www.debian.org/security/2009/dsa-1830

www.mandriva.com/security/advisories?name=MDVSA-2009:141

www.mozilla.org/security/announce/2009/mfsa2009-32.html

www.securityfocus.com/bid/35326

www.securityfocus.com/bid/35373

www.securitytracker.com/id?1022397

www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275

www.ubuntu.com/usn/usn-782-1

www.vupen.com/english/advisories/2009/1572

bugzilla.mozilla.org/show_bug.cgi?id=479560

bugzilla.redhat.com/show_bug.cgi?id=503583

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9815

rhn.redhat.com/errata/RHSA-2009-1095.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

9.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.019 Low

EPSS

Percentile

88.3%

Related for CVE-2009-1841

seebug1 veracode1 securityvulns2 ubuntucve1 mozilla1 prion1 openvas66 oraclelinux2 nessus36 centos2 redhat2 fedora41 debian2 ubuntu2 osv2 suse1 freebsd1 gentoo1