Firefox vulnerabilities

2009-02-1000:00:00

ubuntu.com

9.4 High

AI Score

Confidence

High

5.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

0.005 Low

EPSS

Percentile

77.0%

JSON

Releases

Ubuntu 7.10

Packages

firefox -

Details

A flaw was discovered in the browser engine when restoring closed tabs. If a
user were tricked into restoring a tab to a malicious website with form input
controls, an attacker could steal local files on the user’s system.
(CVE-2009-0355)

Wladimir Palant discovered that Firefox did not restrict access to cookies in
HTTP response headers. If a user were tricked into opening a malicious web
page, a remote attacker could view sensitive information. (CVE-2009-0357)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchfirefox< 2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox< dbg-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox< dev-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox< gnome-support-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1UNKNOWN
Ubuntu7.10noarchfirefox< libthai-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	7.10	noarch	firefox	< 2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox	< dbg-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox	< dev-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox	< gnome-support-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1	UNKNOWN
Ubuntu	7.10	noarch	firefox	< libthai-2.0.0.21~20090209t122238+nobinonly-0ubuntu0.7.10.1	UNKNOWN