Lucene search

K

PRIOn knowledge basePRION:CVE-2009-1838

HistoryJun 12, 2009 - 9:30 p.m.

Design/Logic Flaw

2009-06-1221:30:00

PRIOn knowledge base

www.prio-n.com

2

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

87.7%

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element’s owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.

CPENameOperatorVersion
firefoxeq0.1
firefoxeq0.9.0-rc
firefoxeq0.8
firefoxeq2.0.0.12
firefoxeq1.5 beta2
firefoxeq2.0.7
firefoxeq3.0.7
firefoxeq1.5.2
firefoxeq3.0.9
firefoxeq1.5.0.6

Rows per page:

1-10 of 2021

References

osvdb.org/55157

rhn.redhat.com/errata/RHSA-2009-1096.html

secunia.com/advisories/35331

secunia.com/advisories/35415

secunia.com/advisories/35428

secunia.com/advisories/35431

secunia.com/advisories/35439

secunia.com/advisories/35440

secunia.com/advisories/35468

secunia.com/advisories/35536

secunia.com/advisories/35561

secunia.com/advisories/35602

secunia.com/advisories/35882

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

www.debian.org/security/2009/dsa-1820

www.debian.org/security/2009/dsa-1830

www.mandriva.com/security/advisories?name=MDVSA-2009:141

www.mozilla.org/security/announce/2009/mfsa2009-29.html

www.redhat.com/support/errata/RHSA-2009-1125.html

www.redhat.com/support/errata/RHSA-2009-1126.html

www.securityfocus.com/bid/35326

www.securityfocus.com/bid/35383

www.securitytracker.com/id?1022397

www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.454275

www.ubuntu.com/usn/usn-782-1

www.vupen.com/english/advisories/2009/1572

bugzilla.mozilla.org/show_bug.cgi?id=489131

bugzilla.redhat.com/show_bug.cgi?id=503580

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11080

rhn.redhat.com/errata/RHSA-2009-1095.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00444.html

www.redhat.com/archives/fedora-package-announce/2009-July/msg00504.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html

www.redhat.com/archives/fedora-package-announce/2009-June/msg00657.html

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.018 Low

EPSS

Percentile

87.7%

Related for PRION:CVE-2009-1838

mozilla1 cve1 securityvulns2 ubuntucve1 veracode1 openvas74 redhat4 nessus41 centos3 oraclelinux3 fedora41 osv2 ubuntu2 debian2 suse1 freebsd1 gentoo1