SUSE CVE-2009-2065

Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that...

Mandrake Security Advisory MDVSA-2009:134 (firefox)

The remote host is missing an update to firefox announced via advisory MDVSA-2009:134. OpenVAS Vulnerability Test $Id: mdksa2009134.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:134 firefox Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mozilla Firefox Multiple Vulnerability Jun-09 (Linux)

The host is installed with Firefox Browser, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbfirefoxmultvulnjun09lin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox Multiple Vulnerabilities Jun-09 Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbon...

CVE-2009-2065

CVE-2009-2065 (Mozilla Firefox) : Firefox 3.0.10 (and possibly other versions) is vulnerable to a context-mixing flaw where http content can be loaded in an https page when the top-level frame is https. An MITM attacker could modify an http page to include an https iframe that loads a script from...