Lucene search
MitreCVELIST:CVE-2009-3385HistoryMar 22, 2010 - 5:23 p.m.
CVE-2009-3385
2010-03-2217:23:00
mitre
www.cve.org
9
The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content, which allows user-assisted remote attackers to obtain sensitive information via crafted content in an IFRAME element in an HTML e-mail message, as demonstrated by a Flash object that sends arbitrary local files during a reply or forward operation.
References
lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
secunia.com/advisories/39001
www.mozilla.org/security/announce/2010/mfsa2010-06.html
www.securityfocus.com/bid/38830
www.vupen.com/english/advisories/2010/0648
bugzilla.mozilla.org/show_bug.cgi?id=371976
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10271
Related
prion
prion
Design/Logic Flaw
2010-03-23 00:53:00
veracode
veracode
Information Disclosure
2020-04-10 00:36:54
ubuntucve
ubuntucve
CVE-2009-3385
2010-03-23 00:00:00
securityvulns
securityvulns
cve
cve
CVE-2009-3385
2010-03-23 00:53:22
mozilla
mozilla
Scriptable plugin execution in SeaMonkey mail โ Mozilla
2010-03-16 00:00:00
nvd
nvd
CVE-2009-3385
2010-03-23 00:53:22
oraclelinux
oraclelinux
seamonkey security update
2009-10-28 00:00:00
centos
centos
seamonkey security update
2009-10-28 13:15:48
redhat
redhat
(RHSA-2009:1531) Critical: seamonkey security update
2009-10-27 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: seamonkey-1.1.19-1.fc11
2010-04-21 21:53:31
nessus
nessus
SeaMonkey < 1.1.19 Multiple Vulnerabilities
2010-03-19 00:00:00
RHEL 3 / 4 : seamonkey (RHSA-2009:1531)
2009-10-28 00:00:00
openvas
openvas
FreeBSD Ports: seamonkey, linux-seamonkey
2010-03-30 00:00:00
Fedora Update for seamonkey FEDORA-2010-7100
2010-04-29 00:00:00
Fedora Update for seamonkey FEDORA-2010-7100
2010-04-29 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2010-03-16 00:00:00