Lucene search

K

MitreCVELIST:CVE-2009-3985

HistoryDec 17, 2009 - 5:00 p.m.

CVE-2009-3985

2009-12-1717:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.2%

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.

References

secunia.com/advisories/37699

secunia.com/advisories/37704

secunia.com/advisories/37785

secunia.com/advisories/37813

secunia.com/advisories/37856

secunia.com/advisories/37881

securitytracker.com/id?1023342

securitytracker.com/id?1023343

www.debian.org/security/2009/dsa-1956

www.mozilla.org/security/announce/2009/mfsa2009-69.html

www.novell.com/linux/security/advisories/2009_63_firefox.html

www.securityfocus.com/bid/37349

www.securityfocus.com/bid/37370

www.ubuntu.com/usn/USN-873-1

www.ubuntu.com/usn/USN-874-1

www.vupen.com/english/advisories/2009/3547

bugzilla.mozilla.org/show_bug.cgi?id=514232

bugzilla.redhat.com/show_bug.cgi?id=546726

exchange.xforce.ibmcloud.com/vulnerabilities/54808

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8480

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9911

rhn.redhat.com/errata/RHSA-2009-1674.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html

www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html

6.4 Medium

AI Score

Confidence

High

0.031 Low

EPSS

Percentile

91.2%

Related for CVELIST:CVE-2009-3985

cve2 ubuntucve2 prion2 nvd2 seebug2 veracode2 packetstorm1 exploitpack1 mozilla2 securityvulns4 debian2 ubuntu5 openvas77 nessus49 cvelist1 exploitdb1 osv2 oraclelinux3 redhat4 centos3 fedora30 suse1 freebsd1