ID CVE-2009-0652
Summary The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.
References
Vulnerable Configurations
  • Mozilla Firefox 1.0
    cpe:2.3:a:mozilla:firefox:1.0
  • Mozilla Firefox 1.0.1
    cpe:2.3:a:mozilla:firefox:1.0.1
  • Mozilla Firefox 1.0.2
    cpe:2.3:a:mozilla:firefox:1.0.2
  • Mozilla Firefox 1.0.3
    cpe:2.3:a:mozilla:firefox:1.0.3
  • Mozilla Firefox 1.0.4
    cpe:2.3:a:mozilla:firefox:1.0.4
  • Mozilla Firefox 1.0.5
    cpe:2.3:a:mozilla:firefox:1.0.5
  • Mozilla Firefox 1.0.6
    cpe:2.3:a:mozilla:firefox:1.0.6
  • Mozilla Firefox 1.0.7
    cpe:2.3:a:mozilla:firefox:1.0.7
  • Mozilla Firefox 1.0.8
    cpe:2.3:a:mozilla:firefox:1.0.8
  • Mozilla Firefox 1.5
    cpe:2.3:a:mozilla:firefox:1.5
  • Mozilla Firefox 1.5.0.1
    cpe:2.3:a:mozilla:firefox:1.5.0.1
  • Mozilla Firefox 1.5.0.2
    cpe:2.3:a:mozilla:firefox:1.5.0.2
  • Mozilla Firefox 1.5.0.3
    cpe:2.3:a:mozilla:firefox:1.5.0.3
  • Mozilla Firefox 1.5.0.4
    cpe:2.3:a:mozilla:firefox:1.5.0.4
  • Mozilla Firefox 1.5.0.5
    cpe:2.3:a:mozilla:firefox:1.5.0.5
  • Mozilla Firefox 1.5.0.6
    cpe:2.3:a:mozilla:firefox:1.5.0.6
  • Mozilla Firefox 1.5.0.7
    cpe:2.3:a:mozilla:firefox:1.5.0.7
  • Mozilla Firefox 1.5.0.8
    cpe:2.3:a:mozilla:firefox:1.5.0.8
  • Mozilla Firefox 1.5.0.9
    cpe:2.3:a:mozilla:firefox:1.5.0.9
  • Mozilla Firefox 1.5.0.10
    cpe:2.3:a:mozilla:firefox:1.5.0.10
  • Mozilla Firefox 1.5.0.11
    cpe:2.3:a:mozilla:firefox:1.5.0.11
  • Mozilla Firefox 1.5.0.12
    cpe:2.3:a:mozilla:firefox:1.5.0.12
  • Mozilla Firefox 2.0
    cpe:2.3:a:mozilla:firefox:2.0
  • Mozilla Firefox 2.0.0.1
    cpe:2.3:a:mozilla:firefox:2.0.0.1
  • Mozilla Firefox 2.0.0.2
    cpe:2.3:a:mozilla:firefox:2.0.0.2
  • Mozilla Firefox 2.0.0.3
    cpe:2.3:a:mozilla:firefox:2.0.0.3
  • Mozilla Firefox 2.0.0.4
    cpe:2.3:a:mozilla:firefox:2.0.0.4
  • Mozilla Firefox 2.0.0.5
    cpe:2.3:a:mozilla:firefox:2.0.0.5
  • Mozilla Firefox 2.0.0.6
    cpe:2.3:a:mozilla:firefox:2.0.0.6
  • Mozilla Firefox 2.0.0.7
    cpe:2.3:a:mozilla:firefox:2.0.0.7
  • Mozilla Firefox 2.0.0.8
    cpe:2.3:a:mozilla:firefox:2.0.0.8
  • Mozilla Firefox 2.0.0.9
    cpe:2.3:a:mozilla:firefox:2.0.0.9
  • Mozilla Firefox 2.0.0.10
    cpe:2.3:a:mozilla:firefox:2.0.0.10
  • Mozilla Firefox 2.0.0.11
    cpe:2.3:a:mozilla:firefox:2.0.0.11
  • Mozilla Firefox 2.0.0.12
    cpe:2.3:a:mozilla:firefox:2.0.0.12
  • Mozilla Firefox 2.0.0.13
    cpe:2.3:a:mozilla:firefox:2.0.0.13
  • Mozilla Firefox 2.0.0.14
    cpe:2.3:a:mozilla:firefox:2.0.0.14
  • Mozilla Firefox 2.0.0.15
    cpe:2.3:a:mozilla:firefox:2.0.0.15
  • Mozilla Firefox 2.0.0.16
    cpe:2.3:a:mozilla:firefox:2.0.0.16
  • Mozilla Firefox 2.0.0.17
    cpe:2.3:a:mozilla:firefox:2.0.0.17
  • Mozilla Firefox 2.0.0.18
    cpe:2.3:a:mozilla:firefox:2.0.0.18
  • Mozilla Firefox 2.0.0.19
    cpe:2.3:a:mozilla:firefox:2.0.0.19
  • Mozilla Firefox 2.0.0.20
    cpe:2.3:a:mozilla:firefox:2.0.0.20
  • Mozilla Firefox 3.0
    cpe:2.3:a:mozilla:firefox:3.0
  • Mozilla Firefox 3.0.1
    cpe:2.3:a:mozilla:firefox:3.0.1
  • Mozilla Firefox 3.0.2
    cpe:2.3:a:mozilla:firefox:3.0.2
  • Mozilla Firefox 3.0.3
    cpe:2.3:a:mozilla:firefox:3.0.3
  • Mozilla Firefox 3.0.4
    cpe:2.3:a:mozilla:firefox:3.0.4
  • Mozilla Firefox 3.0.5
    cpe:2.3:a:mozilla:firefox:3.0.5
  • Mozilla Firefox 3.0.6
    cpe:2.3:a:mozilla:firefox:3.0.6
  • Mozilla SeaMonkey 1.0
    cpe:2.3:a:mozilla:seamonkey:1.0
  • Mozilla SeaMonkey 1.0.1
    cpe:2.3:a:mozilla:seamonkey:1.0.1
  • Mozilla SeaMonkey 1.0.2
    cpe:2.3:a:mozilla:seamonkey:1.0.2
  • Mozilla SeaMonkey 1.0.3
    cpe:2.3:a:mozilla:seamonkey:1.0.3
  • Mozilla SeaMonkey 1.0.5
    cpe:2.3:a:mozilla:seamonkey:1.0.5
  • Mozilla SeaMonkey 1.0.6
    cpe:2.3:a:mozilla:seamonkey:1.0.6
  • Mozilla SeaMonkey 1.0.7
    cpe:2.3:a:mozilla:seamonkey:1.0.7
  • Mozilla SeaMonkey 1.0.8
    cpe:2.3:a:mozilla:seamonkey:1.0.8
  • Mozilla SeaMonkey 1.0.9
    cpe:2.3:a:mozilla:seamonkey:1.0.9
  • Mozilla SeaMonkey 1.1
    cpe:2.3:a:mozilla:seamonkey:1.1
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha
  • Mozilla SeaMonkey 1.1 beta
    cpe:2.3:a:mozilla:seamonkey:1.1:beta
  • Mozilla Seamonkey 1.1.1
    cpe:2.3:a:mozilla:seamonkey:1.1.1
  • Mozilla Seamonkey 1.1.2
    cpe:2.3:a:mozilla:seamonkey:1.1.2
  • Mozilla Seamonkey 1.1.3
    cpe:2.3:a:mozilla:seamonkey:1.1.3
  • Mozilla Seamonkey 1.1.4
    cpe:2.3:a:mozilla:seamonkey:1.1.4
  • Mozilla Seamonkey 1.1.5
    cpe:2.3:a:mozilla:seamonkey:1.1.5
  • Mozilla Seamonkey 1.1.6
    cpe:2.3:a:mozilla:seamonkey:1.1.6
  • Mozilla Seamonkey 1.1.7
    cpe:2.3:a:mozilla:seamonkey:1.1.7
  • Mozilla SeaMonkey 1.1.8
    cpe:2.3:a:mozilla:seamonkey:1.1.8
  • Mozilla SeaMonkey 1.1.9
    cpe:2.3:a:mozilla:seamonkey:1.1.9
  • Mozilla SeaMonkey 1.1.10
    cpe:2.3:a:mozilla:seamonkey:1.1.10
  • Mozilla SeaMonkey 1.1.11
    cpe:2.3:a:mozilla:seamonkey:1.1.11
  • Mozilla SeaMonkey 1.1.12
    cpe:2.3:a:mozilla:seamonkey:1.1.12
  • Mozilla SeaMonkey 1.1.13
    cpe:2.3:a:mozilla:seamonkey:1.1.13
  • Mozilla SeaMonkey 1.1.14
    cpe:2.3:a:mozilla:seamonkey:1.1.14
  • Mozilla Thunderbird 2.0.0.0
    cpe:2.3:a:mozilla:thunderbird:2.0.0.0
  • Mozilla Thunderbird 2.0.0.4
    cpe:2.3:a:mozilla:thunderbird:2.0.0.4
  • Mozilla Thunderbird 2.0.0.5
    cpe:2.3:a:mozilla:thunderbird:2.0.0.5
  • Mozilla Thunderbird 2.0.0.6
    cpe:2.3:a:mozilla:thunderbird:2.0.0.6
  • Mozilla Thunderbird 2.0.0.9
    cpe:2.3:a:mozilla:thunderbird:2.0.0.9
  • Mozilla Thunderbird 2.0.0.12
    cpe:2.3:a:mozilla:thunderbird:2.0.0.12
  • Mozilla Thunderbird 2.0.0.14
    cpe:2.3:a:mozilla:thunderbird:2.0.0.14
  • Mozilla Thunderbird 2.0.0.16
    cpe:2.3:a:mozilla:thunderbird:2.0.0.16
  • Mozilla Thunderbird 2.0.0.17
    cpe:2.3:a:mozilla:thunderbird:2.0.0.17
  • Mozilla Thunderbird 2.0.0.18
    cpe:2.3:a:mozilla:thunderbird:2.0.0.18
  • Mozilla Thunderbird 2.0.0.19
    cpe:2.3:a:mozilla:thunderbird:2.0.0.19
  • Mozilla Thunderbird 2.0.0.20
    cpe:2.3:a:mozilla:thunderbird:2.0.0.20
CVSS
Base: 5.8 (as of 23-02-2009 - 12:20)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1830.NASL
    description Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. (MFSA 2009-10) - CVE-2009-0352 It is possible to execute arbitrary code via vectors related to the layout engine. (MFSA 2009-01) - CVE-2009-0353 It is possible to execute arbitrary code via vectors related to the JavaScript engine. (MFSA 2009-01) - CVE-2009-0652 Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing attack via Unicode box drawing characters in internationalized domain names. (MFSA 2009-15) - CVE-2009-0771 Memory corruption and assertion failures have been discovered in the layout engine, leading to the possible execution of arbitrary code. (MFSA 2009-07) - CVE-2009-0772 The layout engine allows the execution of arbitrary code in vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection. (MFSA 2009-07) - CVE-2009-0773 The JavaScript engine is prone to the execution of arbitrary code via several vectors. (MFSA 2009-07) - CVE-2009-0774 The layout engine allows the execution of arbitrary code via vectors related to gczeal. (MFSA 2009-07) - CVE-2009-0776 Georgi Guninski discovered that it is possible to obtain xml data via an issue related to the nsIRDFService. (MFSA 2009-09) - CVE-2009-1302 The browser engine is prone to a possible memory corruption via several vectors. (MFSA 2009-14) - CVE-2009-1303 The browser engine is prone to a possible memory corruption via the nsSVGElement::BindToTree function. (MFSA 2009-14) - CVE-2009-1307 Gregory Fleischer discovered that it is possible to bypass the Same Origin Policy when opening a Flash file via the view-source: scheme. (MFSA 2009-17) - CVE-2009-1832 The possible arbitrary execution of code was discovered via vectors involving 'double frame construction.' (MFSA 2009-24) - CVE-2009-1392 Several issues were discovered in the browser engine as used by icedove, which could lead to the possible execution of arbitrary code. (MFSA 2009-24) - CVE-2009-1836 Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential man-in-the-middle attack, when using a proxy due to insufficient checks on a certain proxy response. (MFSA 2009-27) - CVE-2009-1838 moz_bug_r_a4 discovered that it is possible to execute arbitrary JavaScript with chrome privileges due to an error in the garbage collection implementation. (MFSA 2009-29) - CVE-2009-1841 moz_bug_r_a4 reported that it is possible for scripts from page content to run with elevated privileges and thus potentially executing arbitrary code with the object's chrome privileges. (MFSA 2009-32) - No CVE id yet Bernd Jendrissek discovered a potentially exploitable crash when viewing a multipart/alternative mail message with a text/enhanced part. (MFSA 2009-33)
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 44695
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44695
    title Debian DSA-1830-1 : icedove - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLA-XULRUNNER190-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305,CVE -2009-1306,CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 41437
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41437
    title SuSE 11 Security Update : Mozilla (SAT Patch Number 834)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-111.NASL
    description Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313) This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update : The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 38853
    published 2009-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38853
    title Mandriva Linux Security Advisory : firefox (MDVSA-2009:111-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-0437.NASL
    description From Red Hat Security Advisory 2009:0437 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 67848
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67848
    title Oracle Linux 3 / 4 : seamonkey (ELSA-2009-0437)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-0436.NASL
    description From Red Hat Security Advisory 2009:0436 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 67847
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67847
    title Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SEAMONKEY-6310.NASL
    description The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 39462
    published 2009-06-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39462
    title openSUSE 10 Security Update : seamonkey (seamonkey-6310)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-0436.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43743
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43743
    title CentOS 4 / 5 : firefox (CESA-2009:0436)
  • NASL family Windows
    NASL id SEAMONKEY_1115.NASL
    description The installed version of SeaMonkey is earlier than 1.1.15. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2009-01) - Cookies marked HTTPOnly are readable by JavaScript via the 'XMLHttpRequest.getResponseHeader' and 'XMLHttpRequest.getAllResponseHeaders' APIs. (MFSA 2009-05) - By exploiting stability bugs in the browser engine, it might be possible for an attacker to execute arbitrary code on the remote system under certain conditions. (MFSA 2009-07) - It may be possible for a website to read arbitrary XML data from another domain by using nsIRDFService and a cross-domain redirect. (MFSA 2009-09) - Vulnerabilities in the PNG libraries used by Mozilla could be exploited to execute arbitrary code on the remote system. (MFSA 2009-10) - A URI spoofing vulnerability exists because the application fails to adequately handle specific characters in IDN subdomains. (MFSA 2009-15)
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 35978
    published 2009-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35978
    title SeaMonkey < 1.1.15 Multiple Vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201301-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 63402
    published 2013-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63402
    title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_SEAMONKEY-090617.NASL
    description The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 40133
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40133
    title openSUSE Security Update : seamonkey (seamonkey-1014)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-0437.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 38899
    published 2009-05-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38899
    title CentOS 3 / 4 : seamonkey (CESA-2009:0437)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-0437.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 36214
    published 2009-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36214
    title RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_309.NASL
    description The installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues : - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application. (MFSA 2009-14) - A flaw may exist where Unicode box drawing characters are allowed in Internationalized Domain Names where they could be visually confused with punctuation used in valid web addresses. An attacker can leverage this to launch a phishing-type scam against a victim. (MFSA 2009-15) - A vulnerability exists when the 'jar:' scheme is used to wrap a URI which serves the content with 'Content-Disposition: attachment'. An attacker can leverage this to subvert sites that use this mechanism to mitigate content injection attacks. (MFSA 2009-16) - When an Adobe Flash file is loaded via the 'view-source:' scheme, the Flash plugin misinterprets the origin of the content as localhost. An attacker can leverage this to launch cross-site request forgery attacks. It is also possible to exploit this to place cookie-like objects on victim's computers. (MFSA 2009-17) - A vulnerability exists that allows attackers to inject arbitrary scripts into sites via XBL bindings. This vulnerability requires the attacker to have the ability to embed third-party stylesheets into the site. (MFSA 2009-18) - Multiple remote code execution vulnerabilities exist caused by the creation of documents whose URI does not match the document's principle using XMLHttpRequest, as well as a flaw in the 'XPCNativeWrapper.ToString' '__proto__' coming from the wrong scope. (MFSA 2009-19) - A malicious MozSearch plugin could be created using a javascript: URI in the SearchForm value. An attacker can leverage this in order to inject code into arbitrary sites. (MFSA 2009-20) - An information disclosure vulnerability exists when saving the inner frame of a web page as a file when the outer page has POST data associated with it. (MFSA 2009-21) - A cross-site scripting vulnerability exists when handling a Refresh header containing a javascript: URI. (MFSA 2009-22)
    last seen 2019-02-21
    modified 2018-07-17
    plugin id 36215
    published 2009-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36215
    title Firefox < 3.0.9 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090421_SEAMONKEY_ON_SL3_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60573
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60573
    title Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-764-1.NASL
    description Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-0652) Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. (CVE-2009-1308) Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data. (CVE-2009-1311). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36228
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36228
    title Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_MOZILLAFIREFOX-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 40172
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40172
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-3893.NASL
    description http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 38160
    published 2009-04-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38160
    title Fedora 10 : Miro-2.0.3-3.fc10 / blam-1.8.5-9.fc10 / devhelp-0.22-7.fc10 / epiphany-2.24.3-5.fc10 / etc (2009-3893)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1797.NASL
    description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0652 Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. - CVE-2009-1302 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1303 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1304 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1305 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1306 Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. - CVE-2009-1307 Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. - CVE-2009-1308 Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. - CVE-2009-1309 'moz_bug_r_a4' discovered bypasses of the same-origin policy in the XMLHttpRequest JavaScript API and the XPCNativeWrapper. - CVE-2009-1311 Paolo Amadini discovered that incorrect handling of POST data when saving a website with an embedded frame may lead to information disclosure. - CVE-2009-1312 It was discovered that Iceweasel allows Refresh: headers to redirect to JavaScript URIs, resulting in cross-site scripting.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 38724
    published 2009-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38724
    title Debian DSA-1797-1 : xulrunner - several vulnerabilities
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_20021.NASL
    description The installed version of Thunderbird is earlier than 2.0.0.21. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. (MFSA 2009-01) - By exploiting stability bugs in the browser engine, it might be possible for an attacker to execute arbitrary code on the remote system under certain conditions. (MFSA 2009-07) - It might be possible for a website to read arbitrary XML data from another domain by using nsIRDFService and a cross-domain redirect. (MFSA 2009-09) - Vulnerabilities in the PNG libraries used by Mozilla could be exploited to execute arbitrary code on the remote system. (MFSA 2009-10) - A URI-spoofing vulnerability exists because the application fails to adequately handle specific characters in IDN subdomains. (MFSA 2009-15)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 35977
    published 2009-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35977
    title Mozilla Thunderbird < 2.0.0.21 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_MOZILLA-XULRUNNER190-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 40280
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40280
    title openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLAFIREFOX-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 39889
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39889
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-0436.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 36213
    published 2009-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36213
    title RHEL 4 / 5 : firefox (RHSA-2009:0436)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLA-XULRUNNER190-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 40076
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40076
    title openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLAFIREFOX-090427.NASL
    description Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305 / CVE-2009-1306 / CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309 / CVE-2009-1310 / CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 41354
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41354
    title SuSE 11 Security Update : MozillaFirefox (SAT Patch Number 835)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-3875.NASL
    description http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 37309
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37309
    title Fedora 9 : Miro-2.0.3-3.fc9 / blam-1.8.5-8.fc9.1 / chmsee-1.0.1-11.fc9 / devhelp-0.19.1-11.fc9 / etc (2009-3875)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090421_FIREFOX_ON_SL4_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60572
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60572
    title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_SEAMONKEY-090617.NASL
    description The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 40309
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40309
    title openSUSE Security Update : seamonkey (seamonkey-1014)
oval via4
accepted 2013-04-29T04:13:48.392-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.
family unix
id oval:org.mitre.oval:def:11396
status accepted
submitted 2010-07-09T03:56:16-04:00
title The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.
version 24
redhat via4
advisories
  • rhsa
    id RHSA-2009:0436
  • rhsa
    id RHSA-2009:0437
rpms
  • firefox-0:3.0.9-1.el4
  • xulrunner-0:1.9.0.9-1.el5
  • xulrunner-devel-0:1.9.0.9-1.el5
  • xulrunner-devel-unstable-0:1.9.0.9-1.el5
  • firefox-0:3.0.9-1.el5
  • seamonkey-0:1.0.9-0.37.el3
  • seamonkey-chat-0:1.0.9-0.37.el3
  • seamonkey-devel-0:1.0.9-0.37.el3
  • seamonkey-dom-inspector-0:1.0.9-0.37.el3
  • seamonkey-js-debugger-0:1.0.9-0.37.el3
  • seamonkey-mail-0:1.0.9-0.37.el3
  • seamonkey-nspr-0:1.0.9-0.37.el3
  • seamonkey-nspr-devel-0:1.0.9-0.37.el3
  • seamonkey-nss-0:1.0.9-0.37.el3
  • seamonkey-nss-devel-0:1.0.9-0.37.el3
  • seamonkey-0:1.0.9-41.el4
  • seamonkey-chat-0:1.0.9-41.el4
  • seamonkey-devel-0:1.0.9-41.el4
  • seamonkey-dom-inspector-0:1.0.9-41.el4
  • seamonkey-js-debugger-0:1.0.9-41.el4
  • seamonkey-mail-0:1.0.9-41.el4
refmap via4
bid 33837
confirm http://www.mozilla.org/security/announce/2009/mfsa2009-15.html
debian
  • DSA-1797
  • DSA-1830
fedora FEDORA-2009-3875
mandriva MDVSA-2009:111
misc
mlist
  • [dailydave] 20090219 SSL MITM fun.
  • [dailydave] 20090220 SSL MITM fun.
secunia
  • 34096
  • 34843
  • 34844
  • 34894
  • 35042
  • 35065
suse SUSE-SR:2009:010
ubuntu USN-764-1
vupen ADV-2009-1125
xf mozilla-firefox-homoglyph-spoofing(48974)
Last major update 05-01-2012 - 00:00
Published 20-02-2009 - 14:30
Last modified 03-10-2018 - 17:58
Back to Top