mozilla -- multiple vulnerabilities

2009-04-2100:00:00

vuxml.freebsd.org

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.264 Low

EPSS

Percentile

96.7%

JSON

Mozilla Foundation reports:

MFSA 2009-22: Firefox allows Refresh header to redirect to
javascript: URIs
MFSA 2009-21: POST data sent to wrong site when saving web page
with embedded frame
MFSA 2009-20: Malicious search plugins can inject code into
arbitrary sites
MFSA 2009-19: Same-origin violations in XMLHttpRequest and
XPCNativeWrapper.toString
MFSA 2009-18: XSS hazard using third-party stylesheets and XBL
bindings
MFSA 2009-17: Same-origin violations when Adobe Flash loaded via
view-source: scheme
MFSA 2009-16: jar: scheme ignores the content-disposition: header
on the inner URI
MFSA 2009-15: URL spoofing with box drawing character
MFSA 2009-14 Crashes with evidence of memory corruption
(rv:1.9.0.9)

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfirefox< 2.0.0.20_7,1UNKNOWN
FreeBSDanynoarchlinux-firefox< 3.0.9UNKNOWN
FreeBSDanynoarchlinux-firefox-devel< 3.0.9UNKNOWN
FreeBSDanynoarchseamonkey< 1.1.17UNKNOWN
FreeBSDanynoarchlinux-seamonkey< 1.1.17UNKNOWN
FreeBSDanynoarchthunderbird< 2.0.0.22UNKNOWN
FreeBSDanynoarchlinux-thunderbird< 2.0.0.22UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	firefox	< 2.0.0.20_7,1	UNKNOWN
FreeBSD	any	noarch	linux-firefox	< 3.0.9	UNKNOWN
FreeBSD	any	noarch	linux-firefox-devel	< 3.0.9	UNKNOWN
FreeBSD	any	noarch	seamonkey	< 1.1.17	UNKNOWN
FreeBSD	any	noarch	linux-seamonkey	< 1.1.17	UNKNOWN
FreeBSD	any	noarch	thunderbird	< 2.0.0.22	UNKNOWN
FreeBSD	any	noarch	linux-thunderbird	< 2.0.0.22	UNKNOWN