Lucene search
Ubuntu.comUB:CVE-2009-1311HistoryApr 22, 2009 - 12:00 a.m.
CVE-2009-1311
2009-04-2200:00:00
ubuntu.com
ubuntu.com
13
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
73.4%
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow
user-assisted remote attackers to obtain sensitive information via a web
page with an embedded frame, which causes POST data from an outer page to
be sent to the inner frame’s URL during a SAVEMODE_FILEONLY save of the
inner frame.
Notes
| Author | Note |
|---|---|
| jdstrand | CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.04 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | seamonkey | < 1.1.17+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
| ubuntu | 8.04 | noarch | xulrunner-1.9 | < 1.9.0.9+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
| ubuntu | 8.10 | noarch | xulrunner-1.9 | < 1.9.0.9+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | xulrunner-1.9 | < 1.9.0.9+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
| ubuntu | 9.04 | noarch | xulrunner-1.9.1 | < 1.9.1+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
| ubuntu | 9.10 | noarch | xulrunner-1.9.1 | < 1.9.1~rc2+nobinonly-0ubuntu1 | UNKNOWN |
Related
mozilla
mozilla
prion
prion
Code injection
2009-04-22 18:30:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-21
2009-04-23 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2009-04-28 00:00:00
cve
cve
CVE-2009-1311
2009-04-22 18:30:00
veracode
veracode
Information Disclosure
2020-04-10 00:33:08
nessus
nessus
Fedora 10 : seamonkey-1.1.17-1.fc10 (2009-7567)
2009-07-17 00:00:00
Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
2012-08-01 00:00:00
CentOS 3 / 4 : seamonkey (CESA-2009:0437)
2009-05-26 00:00:00
openvas
openvas
Fedora Core 10 FEDORA-2009-7567 (seamonkey)
2009-07-29 00:00:00
Fedora Core 10 FEDORA-2009-7567 (seamonkey)
2009-07-29 00:00:00
CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386
2011-08-09 00:00:00
centos
centos
seamonkey security update
2009-04-22 19:48:58
seamonkey security update
2009-04-24 05:51:23
firefox, xulrunner security update
2009-04-23 11:19:15
redhat
redhat
(RHSA-2009:0437) Critical: seamonkey security update
2009-04-21 00:00:00
(RHSA-2009:0436) Critical: firefox security update
2009-04-21 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: seamonkey-1.1.17-1.fc11
2009-07-16 07:11:14
[SECURITY] Fedora 10 Update: seamonkey-1.1.17-1.fc10
2009-07-16 06:57:32
[SECURITY] Fedora 10 Update: kazehakase-0.5.6-4.fc10.1
2009-04-24 19:52:12
oraclelinux
oraclelinux
seamonkey security update
2009-04-21 00:00:00
firefox security update
2009-04-22 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-05-09 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-04-21 00:00:00
debian
debian
[SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities
2009-05-09 13:00:16
ubuntu
ubuntu
Firefox and Xulrunner vulnerabilities
2009-04-23 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
73.4%
Related for UB:CVE-2009-1311