Lucene search
K

5 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-1835

Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with...

4.3CVSS6.3AI score0.02325EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2009/06/25 3:7 p.m.2 views

Firefox SSL tampering via non-200 responses to proxy CONNECT requests

Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying...

6.8CVSS6AI score0.02032EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2009/06/16 12:0 a.m.45 views

Fedora 10 : Miro-2.0.3-5.fc10 / blam-1.8.5-11.fc10 / devhelp-0.22-9.fc10 / epiphany-2.24.3-7.fc10 / etc (2009-6366)

Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox30.htmlfirefox3.0.11 Update also includes all packages depending on gecko-libs rebuild against new version of Firefox /...

9.3CVSS8AI score0.09282EPSS
Exploits9References42
Tenable Nessus
Tenable Nessus
added 2009/06/16 12:0 a.m.41 views

Fedora 9 : Miro-2.0.3-5.fc9 / blam-1.8.5-10.fc9.1 / chmsee-1.0.1-13.fc9 / devhelp-0.19.1-13.fc9 / etc (2009-6411)

Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox30.htmlfirefox3.0.11 Update also includes all packages depending on gecko-libs rebuild against new version of Firefox /...

9.3CVSS8AI score0.09282EPSS
Exploits9References43
Cvelist
Cvelist
added 2009/06/12 9:7 p.m.35 views

CVE-2009-1837

Race condition in the NPObjWrapperNewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-free vulnerability for...

7.9AI score0.04331EPSS
Exploits2References21
Rows per page
Query Builder