ubuntucve / Ubuntu.com / UB:CVE-2009-3012
Aug 31, 2009 - 12:00 a.m.

CVE-2009-3012


CVSS2: 4.3 Medium
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS: 0.002 Low
Percentile: 55.8%

Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre does
not properly block data: URIs in Location headers in HTTP responses, which
allows remote attackers to conduct cross-site scripting (XSS) attacks via
vectors related to (1) injecting a Location header that contains JavaScript
sequences in a data:text/html URI or (2) entering a data:text/html URI with
JavaScript sequences when specifying the content of a Location header.
NOTE: the JavaScript executes outside of the context of the HTTP site.
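
Both vectors above depend on a server emitting an attacker-influenced Location value. The following is an added example, not part of the advisory or of any Mozilla or Ubuntu code: a server-side check applied before a value is written to a Location header. The names `safe_redirect_target`, `review`, `HOSTS` and `SAMPLES` are hypothetical, and it assumes the application redirects only to http(s) URLs on a known set of hosts.

```python
from urllib.parse import urlsplit

# Assumption: this application only ever redirects to http(s) URLs.
ALLOWED_SCHEMES = {"http", "https"}

def safe_redirect_target(value, allowed_hosts):
    """Return value if it may be placed in a Location header, else None."""
    # CR/LF and other control characters enable header injection (vector 1);
    # surrounding whitespace and backslashes are normalised away by browsers
    # and can disguise a scheme or host, so reject rather than repair them.
    if not value or value != value.strip() or "\\" in value:
        return None
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return None
    try:
        parts = urlsplit(value)
        host = (parts.hostname or "").lower()
    except ValueError:
        return None
    if parts.scheme:
        # Absolute URL: data:, javascript: and every other non-web scheme
        # fails here (vector 2); the host must be one the application trusts.
        if parts.scheme.lower() not in ALLOWED_SCHEMES or host not in allowed_hosts:
            return None
        return value
    # No scheme: accept only a local absolute path, never "//host/..." forms.
    if parts.netloc or not value.startswith("/"):
        return None
    return value

# Constructed sample values, not taken from the advisory.
HOSTS = {"app.example"}
SAMPLES = [
    "/account/settings",
    "https://app.example/home",
    "data:text/html,<script>/* constructed */</script>",
    "DaTa:text/html;base64,AAAA",
    "/ok\r\nLocation: data:text/html,x",
    "//other.example/",
    "https://app.example@other.example/",
]

def review(samples, allowed_hosts):
    """Map each candidate target to True (allow) or False (reject)."""
    return {s: safe_redirect_target(s, allowed_hosts) is not None for s in samples}

if __name__ == "__main__":
    for target, ok in review(SAMPLES, HOSTS).items():
        print("allow " if ok else "reject", repr(target))
```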

Notes

Author Note
jdstrand: ‘firefox’ source package on Ubuntu 8.04 LTS uses xulrunner 1.8.1 which is not-affected per upstream: “Furthermore none of the bugs you have referenced are XSS. JavaScript executing within the context of the site that served it is not cross-site anything.”
