Lucene search

K

[email protected]CVE-2009-3983

HistoryDec 17, 2009 - 5:30 p.m.

CVE-2009-3983

2009-12-1717:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

51

cve-2009-3983

mozilla firefox

seamonkey

ntlm

replay

remote attack

9.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.

CPENameOperatorVersion
mozilla:seamonkeymozilla seamonkeyeq1.1.10
mozilla:firefoxmozilla firefoxeq0.1
mozilla:seamonkeymozilla seamonkeyeq1.0.3
mozilla:firefoxmozilla firefoxeq0.8
mozilla:firefoxmozilla firefoxeq2.0.0.12
mozilla:firefoxmozilla firefoxeq1.5
mozilla:firefoxmozilla firefoxeq2.0_.7
mozilla:firefoxmozilla firefoxeq3.5.3
mozilla:seamonkeymozilla seamonkeyeq1.1.8
mozilla:firefoxmozilla firefoxeq3.0.7

Rows per page:

1-10 of 1351

References

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

secunia.com/advisories/37699

secunia.com/advisories/37703

secunia.com/advisories/37704

secunia.com/advisories/37785

secunia.com/advisories/37813

secunia.com/advisories/37856

secunia.com/advisories/37881

secunia.com/advisories/38977

secunia.com/advisories/39001

securitytracker.com/id?1023340

securitytracker.com/id?1023341

www.debian.org/security/2009/dsa-1956

www.mozilla.org/security/announce/2009/mfsa2009-68.html

www.novell.com/linux/security/advisories/2009_63_firefox.html

www.securityfocus.com/bid/37349

www.securityfocus.com/bid/37366

www.ubuntu.com/usn/USN-873-1

www.ubuntu.com/usn/USN-874-1

www.ubuntu.com/usn/USN-915-1

www.vupen.com/english/advisories/2009/3547

www.vupen.com/english/advisories/2010/0648

bugzilla.mozilla.org/show_bug.cgi?id=487872

bugzilla.redhat.com/show_bug.cgi?id=546720

exchange.xforce.ibmcloud.com/vulnerabilities/54807

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10047

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8240

rhn.redhat.com/errata/RHSA-2009-1673.html

rhn.redhat.com/errata/RHSA-2009-1674.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html

9.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

Related for CVE-2009-3983

ubuntucve1 prion1 securityvulns2 veracode1 mozilla1 openvas56 nessus43 redhat2 oraclelinux2 centos2 osv1 ubuntu5 debian1 fedora31 freebsd2 suse1 gentoo1