ID CVE-2009-3985
Summary Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
References
Vulnerable Configurations
  • Mozilla Firefox 3.5.1
    cpe:2.3:a:mozilla:firefox:3.5.1
  • Mozilla Firefox 3.5.2
    cpe:2.3:a:mozilla:firefox:3.5.2
  • Mozilla Firefox 3.5.3
    cpe:2.3:a:mozilla:firefox:3.5.3
  • Mozilla Firefox 3.5.4
    cpe:2.3:a:mozilla:firefox:3.5.4
  • Mozilla Firefox 3.5.5
    cpe:2.3:a:mozilla:firefox:3.5.5
  • Mozilla SeaMonkey 1.0.8
    cpe:2.3:a:mozilla:seamonkey:1.0.8
  • Mozilla SeaMonkey 1.0.7
    cpe:2.3:a:mozilla:seamonkey:1.0.7
  • Mozilla SeaMonkey 1.0.6
    cpe:2.3:a:mozilla:seamonkey:1.0.6
  • Mozilla SeaMonkey 1.0.1
    cpe:2.3:a:mozilla:seamonkey:1.0.1
  • Mozilla SeaMonkey 1.0
    cpe:2.3:a:mozilla:seamonkey:1.0
  • Mozilla SeaMonkey 1.0.5
    cpe:2.3:a:mozilla:seamonkey:1.0.5
  • Mozilla SeaMonkey 1.0.4
    cpe:2.3:a:mozilla:seamonkey:1.0.4
  • Mozilla SeaMonkey 1.0.3
    cpe:2.3:a:mozilla:seamonkey:1.0.3
  • Mozilla SeaMonkey 1.0.2
    cpe:2.3:a:mozilla:seamonkey:1.0.2
  • Mozilla SeaMonkey 1.0 alpha
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha
  • Mozilla SeaMonkey 1.0 beta
    cpe:2.3:a:mozilla:seamonkey:1.0:beta
  • Mozilla SeaMonkey 1.1
    cpe:2.3:a:mozilla:seamonkey:1.1
  • Mozilla Seamonkey 1.1.1
    cpe:2.3:a:mozilla:seamonkey:1.1.1
  • Mozilla SeaMonkey 1.1.10
    cpe:2.3:a:mozilla:seamonkey:1.1.10
  • cpe:2.3:a:mozilla:seamonkey:1.0.99
    cpe:2.3:a:mozilla:seamonkey:1.0.99
  • Mozilla SeaMonkey 1.0.9
    cpe:2.3:a:mozilla:seamonkey:1.0.9
  • Mozilla SeaMonkey 1.1.14
    cpe:2.3:a:mozilla:seamonkey:1.1.14
  • Mozilla SeaMonkey 1.1.12
    cpe:2.3:a:mozilla:seamonkey:1.1.12
  • Mozilla SeaMonkey 1.1.15
    cpe:2.3:a:mozilla:seamonkey:1.1.15
  • Mozilla Seamonkey 1.1.4
    cpe:2.3:a:mozilla:seamonkey:1.1.4
  • Mozilla SeaMonkey 1.1.16
    cpe:2.3:a:mozilla:seamonkey:1.1.16
  • Mozilla Seamonkey 1.1.3
    cpe:2.3:a:mozilla:seamonkey:1.1.3
  • Mozilla SeaMonkey 1.1.17
    cpe:2.3:a:mozilla:seamonkey:1.1.17
  • Mozilla Seamonkey 1.1.2
    cpe:2.3:a:mozilla:seamonkey:1.1.2
  • Mozilla SeaMonkey 1.1.13
    cpe:2.3:a:mozilla:seamonkey:1.1.13
  • Mozilla SeaMonkey 1.1.11
    cpe:2.3:a:mozilla:seamonkey:1.1.11
  • Mozilla Seamonkey 1.1.6
    cpe:2.3:a:mozilla:seamonkey:1.1.6
  • Mozilla SeaMonkey 1.1.9
    cpe:2.3:a:mozilla:seamonkey:1.1.9
  • Mozilla Seamonkey 1.1.5
    cpe:2.3:a:mozilla:seamonkey:1.1.5
  • Mozilla SeaMonkey 1.1 alpha
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha
  • Mozilla SeaMonkey 1.1.8
    cpe:2.3:a:mozilla:seamonkey:1.1.8
  • Mozilla SeaMonkey 1.1 beta
    cpe:2.3:a:mozilla:seamonkey:1.1:beta
  • Mozilla Seamonkey 1.1.7
    cpe:2.3:a:mozilla:seamonkey:1.1.7
  • Mozilla SeaMonkey 2.0
    cpe:2.3:a:mozilla:seamonkey:2.0
  • Mozilla SeaMonkey 1.5.0.10
    cpe:2.3:a:mozilla:seamonkey:1.5.0.10
  • Mozilla SeaMonkey 2.0 Alpha 2
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2
  • Mozilla SeaMonkey 2.0 Alpha 1
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1
  • Mozilla SeaMonkey 1.5.0.8
    cpe:2.3:a:mozilla:seamonkey:1.5.0.8
  • Mozilla SeaMonkey 1.5.0.9
    cpe:2.3:a:mozilla:seamonkey:1.5.0.9
  • Mozilla SeaMonkey 2.0 RC1
    cpe:2.3:a:mozilla:seamonkey:2.0:rc1
  • Mozilla SeaMonkey 2.0 Beta 2
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_2
  • Mozilla SeaMonkey 2.0 Beta 1
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_1
  • Mozilla SeaMonkey 2.0 Alpha 3
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3
  • cpe:2.3:a:mozilla:seamonkey:2.0a1:-:pre
    cpe:2.3:a:mozilla:seamonkey:2.0a1:-:pre
  • cpe:2.3:a:mozilla:seamonkey:2.0a1pre
    cpe:2.3:a:mozilla:seamonkey:2.0a1pre
  • Mozilla SeaMonkey 2.0 RC2
    cpe:2.3:a:mozilla:seamonkey:2.0:rc2
  • Mozilla Firefox 0.10.1
    cpe:2.3:a:mozilla:firefox:0.10.1
  • Mozilla Firefox 0.6.1
    cpe:2.3:a:mozilla:firefox:0.6.1
  • Mozilla Firefox 0.3
    cpe:2.3:a:mozilla:firefox:0.3
  • Mozilla Firefox 0.4
    cpe:2.3:a:mozilla:firefox:0.4
  • Mozilla Firefox 0.5
    cpe:2.3:a:mozilla:firefox:0.5
  • Mozilla Firefox 0.6
    cpe:2.3:a:mozilla:firefox:0.6
  • Mozilla Firefox 0.1
    cpe:2.3:a:mozilla:firefox:0.1
  • Mozilla Firefox 0.2
    cpe:2.3:a:mozilla:firefox:0.2
  • Mozilla Firefox 0.10
    cpe:2.3:a:mozilla:firefox:0.10
  • Mozilla Firefox 0.8
    cpe:2.3:a:mozilla:firefox:0.8
  • Mozilla Firefox 0.9.1
    cpe:2.3:a:mozilla:firefox:0.9.1
  • Mozilla Firefox 0.9
    cpe:2.3:a:mozilla:firefox:0.9
  • Mozilla Firefox 0.9.3
    cpe:2.3:a:mozilla:firefox:0.9.3
  • Mozilla Firefox 0.7
    cpe:2.3:a:mozilla:firefox:0.7
  • Mozilla Firefox 0.9.2
    cpe:2.3:a:mozilla:firefox:0.9.2
  • Mozilla Firefox 0.7.1
    cpe:2.3:a:mozilla:firefox:0.7.1
  • Mozilla Firefox 1.0
    cpe:2.3:a:mozilla:firefox:1.0
  • Mozilla Firefox 0.9 rc
    cpe:2.3:a:mozilla:firefox:0.9:rc
  • Mozilla Firefox 1.0.1
    cpe:2.3:a:mozilla:firefox:1.0.1
  • Mozilla Firefox 1.0 Preview Release
    cpe:2.3:a:mozilla:firefox:1.0:preview_release
  • Mozilla Firefox 1.0.3
    cpe:2.3:a:mozilla:firefox:1.0.3
  • Mozilla Firefox 1.0.2
    cpe:2.3:a:mozilla:firefox:1.0.2
  • Mozilla Firefox 1.0.5
    cpe:2.3:a:mozilla:firefox:1.0.5
  • Mozilla Firefox 1.0.4
    cpe:2.3:a:mozilla:firefox:1.0.4
  • Mozilla Firefox 1.0.7
    cpe:2.3:a:mozilla:firefox:1.0.7
  • Mozilla Firefox 1.0.6
    cpe:2.3:a:mozilla:firefox:1.0.6
  • Mozilla Firefox 1.0.8
    cpe:2.3:a:mozilla:firefox:1.0.8
  • Mozilla Firefox 1.5.0.4
    cpe:2.3:a:mozilla:firefox:1.5.0.4
  • Mozilla Firefox 1.4.1
    cpe:2.3:a:mozilla:firefox:1.4.1
  • Mozilla Firefox 1.5.0.5
    cpe:2.3:a:mozilla:firefox:1.5.0.5
  • Mozilla Firefox 1.5.0.2
    cpe:2.3:a:mozilla:firefox:1.5.0.2
  • Mozilla Firefox 1.5.0.3
    cpe:2.3:a:mozilla:firefox:1.5.0.3
  • Mozilla Firefox 1.5.0.11
    cpe:2.3:a:mozilla:firefox:1.5.0.11
  • Mozilla Firefox 1.5.0.12
    cpe:2.3:a:mozilla:firefox:1.5.0.12
  • Mozilla Firefox 1.5.0.1
    cpe:2.3:a:mozilla:firefox:1.5.0.1
  • Mozilla Firefox 1.5.0.10
    cpe:2.3:a:mozilla:firefox:1.5.0.10
  • Mozilla Firefox 1.5
    cpe:2.3:a:mozilla:firefox:1.5
  • Mozilla Firefox 1.5.6
    cpe:2.3:a:mozilla:firefox:1.5.6
  • Mozilla Firefox 1.5.5
    cpe:2.3:a:mozilla:firefox:1.5.5
  • Mozilla Firefox 1.5.3
    cpe:2.3:a:mozilla:firefox:1.5.3
  • Mozilla Firefox 1.5.4
    cpe:2.3:a:mozilla:firefox:1.5.4
  • Mozilla Firefox 1.5.1
    cpe:2.3:a:mozilla:firefox:1.5.1
  • Mozilla Firefox 1.5.2
    cpe:2.3:a:mozilla:firefox:1.5.2
  • Mozilla Firefox 1.5.0.8
    cpe:2.3:a:mozilla:firefox:1.5.0.8
  • Mozilla Firefox 1.5.0.9
    cpe:2.3:a:mozilla:firefox:1.5.0.9
  • Mozilla Firefox 1.5.0.6
    cpe:2.3:a:mozilla:firefox:1.5.0.6
  • Mozilla Firefox 1.5.0.7
    cpe:2.3:a:mozilla:firefox:1.5.0.7
  • Mozilla Firefox 1.5 Beta 2
    cpe:2.3:a:mozilla:firefox:1.5:beta2
  • Mozilla Firefox 2.0
    cpe:2.3:a:mozilla:firefox:2.0
  • Mozilla Firefox 1.8
    cpe:2.3:a:mozilla:firefox:1.8
  • Mozilla Firefox 1.5.8
    cpe:2.3:a:mozilla:firefox:1.5.8
  • Mozilla Firefox 1.5.7
    cpe:2.3:a:mozilla:firefox:1.5.7
  • Mozilla Firefox 1.5 Beta 1
    cpe:2.3:a:mozilla:firefox:1.5:beta1
  • Mozilla Firefox 2.0.0.10
    cpe:2.3:a:mozilla:firefox:2.0.0.10
  • Mozilla Firefox 2.0.0.1
    cpe:2.3:a:mozilla:firefox:2.0.0.1
  • Mozilla Firefox 2.0.0.11
    cpe:2.3:a:mozilla:firefox:2.0.0.11
  • Mozilla Firefox 2.0.0.12
    cpe:2.3:a:mozilla:firefox:2.0.0.12
  • Mozilla Firefox 2.0.0.13
    cpe:2.3:a:mozilla:firefox:2.0.0.13
  • Mozilla Firefox 2.0.0.14
    cpe:2.3:a:mozilla:firefox:2.0.0.14
  • Mozilla Firefox 2.0.0.15
    cpe:2.3:a:mozilla:firefox:2.0.0.15
  • Mozilla Firefox 2.0.0.16
    cpe:2.3:a:mozilla:firefox:2.0.0.16
  • Mozilla Firefox 2.0.0.17
    cpe:2.3:a:mozilla:firefox:2.0.0.17
  • Mozilla Firefox 2.0.0.18
    cpe:2.3:a:mozilla:firefox:2.0.0.18
  • Mozilla Firefox 2.0.0.19
    cpe:2.3:a:mozilla:firefox:2.0.0.19
  • Mozilla Firefox 2.0.0.2
    cpe:2.3:a:mozilla:firefox:2.0.0.2
  • Mozilla Firefox 2.0.0.20
    cpe:2.3:a:mozilla:firefox:2.0.0.20
  • cpe:2.3:a:mozilla:firefox:2.0.0.21
    cpe:2.3:a:mozilla:firefox:2.0.0.21
  • Mozilla Firefox 2.0.0.3
    cpe:2.3:a:mozilla:firefox:2.0.0.3
  • Mozilla Firefox 2.0.0.4
    cpe:2.3:a:mozilla:firefox:2.0.0.4
  • Mozilla Firefox 2.0.0.5
    cpe:2.3:a:mozilla:firefox:2.0.0.5
  • Mozilla Firefox 2.0.0.6
    cpe:2.3:a:mozilla:firefox:2.0.0.6
  • Mozilla Firefox 2.0.0.7
    cpe:2.3:a:mozilla:firefox:2.0.0.7
  • Mozilla Firefox 2.0.0.8
    cpe:2.3:a:mozilla:firefox:2.0.0.8
  • Mozilla Firefox 2.0.0.9
    cpe:2.3:a:mozilla:firefox:2.0.0.9
  • cpe:2.3:a:mozilla:firefox:2.0:beta_1
    cpe:2.3:a:mozilla:firefox:2.0:beta_1
  • cpe:2.3:a:mozilla:firefox:2.0:beta1
    cpe:2.3:a:mozilla:firefox:2.0:beta1
  • cpe:2.3:a:mozilla:firefox:2.0_.1
    cpe:2.3:a:mozilla:firefox:2.0_.1
  • cpe:2.3:a:mozilla:firefox:2.0_.10
    cpe:2.3:a:mozilla:firefox:2.0_.10
  • cpe:2.3:a:mozilla:firefox:2.0_.4
    cpe:2.3:a:mozilla:firefox:2.0_.4
  • cpe:2.3:a:mozilla:firefox:2.0_.5
    cpe:2.3:a:mozilla:firefox:2.0_.5
  • cpe:2.3:a:mozilla:firefox:2.0:rc3
    cpe:2.3:a:mozilla:firefox:2.0:rc3
  • cpe:2.3:a:mozilla:firefox:2.0_.6
    cpe:2.3:a:mozilla:firefox:2.0_.6
  • cpe:2.3:a:mozilla:firefox:2.0_.7
    cpe:2.3:a:mozilla:firefox:2.0_.7
  • cpe:2.3:a:mozilla:firefox:2.0_.9
    cpe:2.3:a:mozilla:firefox:2.0_.9
  • cpe:2.3:a:mozilla:firefox:2.0:rc2
    cpe:2.3:a:mozilla:firefox:2.0:rc2
  • cpe:2.3:a:mozilla:firefox:2.0_8
    cpe:2.3:a:mozilla:firefox:2.0_8
  • Mozilla Firefox 3.0
    cpe:2.3:a:mozilla:firefox:3.0
  • Mozilla Firefox 3.0.1
    cpe:2.3:a:mozilla:firefox:3.0.1
  • Mozilla Firefox 3.0.10
    cpe:2.3:a:mozilla:firefox:3.0.10
  • Mozilla Firefox 3.0.11
    cpe:2.3:a:mozilla:firefox:3.0.11
  • Mozilla Firefox 3.0.12
    cpe:2.3:a:mozilla:firefox:3.0.12
  • Mozilla Firefox 3.0.13
    cpe:2.3:a:mozilla:firefox:3.0.13
  • Mozilla Firefox 3.0.14
    cpe:2.3:a:mozilla:firefox:3.0.14
  • Mozilla Firefox 3.0.2
    cpe:2.3:a:mozilla:firefox:3.0.2
  • Mozilla Firefox 3.0.3
    cpe:2.3:a:mozilla:firefox:3.0.3
  • Mozilla Firefox 3.0.4
    cpe:2.3:a:mozilla:firefox:3.0.4
  • Mozilla Firefox 3.0.5
    cpe:2.3:a:mozilla:firefox:3.0.5
  • Mozilla Firefox 3.0.6
    cpe:2.3:a:mozilla:firefox:3.0.6
  • Mozilla Firefox 3.0.7
    cpe:2.3:a:mozilla:firefox:3.0.7
  • Mozilla Firefox 3.0.8
    cpe:2.3:a:mozilla:firefox:3.0.8
  • Mozilla Firefox 3.0.9
    cpe:2.3:a:mozilla:firefox:3.0.9
  • cpe:2.3:a:mozilla:firefox:3.0:beta5
    cpe:2.3:a:mozilla:firefox:3.0:beta5
  • Mozilla Firefox 3.0 Beta 2
    cpe:2.3:a:mozilla:firefox:3.0:beta2
  • cpe:2.3:a:mozilla:firefox:3.0:alpha
    cpe:2.3:a:mozilla:firefox:3.0:alpha
  • Mozilla Firefox 3.0.15
    cpe:2.3:a:mozilla:firefox:3.0.15
CVSS
Base: 6.8 (as of 18-12-2009 - 06:25)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-13333.NASL
    description Update to new upstream Firefox version 3.5.6, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.6 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2009-3979 CVE-2009-3980 CVE-2009-3982 CVE-2009-3983 CVE-2009-3984 CVE-2009-3985 CVE-2009-3986 CVE-2009-3388 CVE-2009-3389 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 43334
    published 2009-12-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43334
    title Fedora 11 : Miro-2.5.2-7.fc11 / blam-1.8.5-17.fc11 / chmsee-1.0.1-14.fc11 / epiphany-2.26.3-7.fc11 / etc (2009-13333)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-13362.NASL
    description Update to new upstream SeaMonkey version 2.0.1, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/seamonkey20.html#seamonkey2.0.1 CVE-2009-3979 CVE-2009-3980 CVE-2009-3982 CVE-2009-3983 CVE-2009-3984 CVE-2009-3985 CVE-2009-3986 CVE-2009-3388 CVE-2009-3389 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 43336
    published 2009-12-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43336
    title Fedora 12 : seamonkey-2.0.1-1.fc12 (2009-13362)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_MOZILLAFIREFOX-091217.NASL
    description The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 Crashes with evidence of memory corruption (rv:1.9.1.6) - MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library - MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library - MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability - MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities - MFSA 2009-70/CVE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 43383
    published 2009-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43383
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-1708)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_MOZILLAFIREFOX-091217.NASL
    description The Mozilla Firefox was updated to version 3.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption (1.9.0.16) - MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability - MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities - MFSA 2009-70/CVE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 43395
    published 2009-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43395
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-1727)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-6735.NASL
    description The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (rv:1.9.1.6). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982) - (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library. (MFSA 2009-66 / CVE-2009-3388) - (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library. (MFSA 2009-67 / CVE-2009-3389) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 49889
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49889
    title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6735)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-873-1.NASL
    description Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983) Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984) Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3985). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43366
    published 2009-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43366
    title Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-873-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLAFIREFOX-091217.NASL
    description The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (rv:1.9.1.6). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982) - (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library. (MFSA 2009-66 / CVE-2009-3388) - (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library. (MFSA 2009-67 / CVE-2009-3389) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 43386
    published 2009-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43386
    title SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1709)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER190-6736.NASL
    description The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (1.9.0.16). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461, bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 43399
    published 2009-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43399
    title SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6736)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_3016.NASL
    description The installed version of Firefox is earlier than 3.0.16. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2009-65) - The NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application can be forwarded to another application. (MFSA 2009-68) - Multiple location bar spoofing vulnerabilities exist. (MFSA 2009-69) - A content window which is opened by a chrome window retains a reference to the chrome window via the 'window.opener' property, which can lead to privilege escalation. (MFSA 2009-70) - The exception messages generated by the 'GeckoActiveXObject' differ based on whether or not the requested COM object's ProgID is present in the system registry. (MFSA 2009-71)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 43173
    published 2009-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43173
    title Firefox < 3.0.16 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1673.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3979) A flaw was found in the SeaMonkey NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way SeaMonkey displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 43170
    published 2009-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43170
    title RHEL 3 / 4 : seamonkey (RHSA-2009:1673)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1673.NASL
    description Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3979) A flaw was found in the SeaMonkey NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way SeaMonkey displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43355
    published 2009-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43355
    title CentOS 4 : seamonkey (CESA-2009:1673)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1674.NASL
    description From Red Hat Security Advisory 2009:1674 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) A flaw was found in the Firefox NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way Firefox displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid address. If a user visits an attacker-controlled web page that results in a blank page, the attacker could inject content into that blank page, possibly tricking the user into believing they are viewing a legitimate page. (CVE-2009-3985) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.16. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.16, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67975
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67975
    title Oracle Linux 4 / 5 : firefox (ELSA-2009-1674)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLA-XULRUNNER190-091217.NASL
    description The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (1.9.0.16). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 43388
    published 2009-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43388
    title SuSE 11 Security Update : XULRunner (SAT Patch Number 1716)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLAFIREFOX-6733.NASL
    description The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (rv:1.9.1.6). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982) - (bmo#504843,bmo#523816) Memory safety fixes in liboggplay media library. (MFSA 2009-66 / CVE-2009-3388) - (bmo#515882,bmo#504613) Integer overflow, crash in libtheora video library. (MFSA 2009-67 / CVE-2009-3389) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 43397
    published 2009-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43397
    title SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6733)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1674.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) A flaw was found in the Firefox NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way Firefox displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid address. If a user visits an attacker-controlled web page that results in a blank page, the attacker could inject content into that blank page, possibly tricking the user into believing they are viewing a legitimate page. (CVE-2009-3985) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.16. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.16, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43356
    published 2009-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43356
    title CentOS 4 / 5 : firefox (CESA-2009:1674)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_MOZILLAFIREFOX-091221.NASL
    description The Mozilla Firefox was updated to version 3.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption (1.9.0.16) - MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability - MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities - MFSA 2009-70/CVE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener
    last seen 2019-02-21
    modified 2014-06-13
    plugin id 43396
    published 2009-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43396
    title openSUSE Security Update : MozillaFirefox (MozillaFirefox-1727)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_01C57D20EA2611DEBD3900248C9B4BE7.NASL
    description Mozilla Project reports : MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-67 Integer overflow, crash in libtheora video library MFSA 2009-66 Memory safety fixes in liboggplay media library MFSA 2009-65 Crashes with evidence of memory corruption (rv:1.9.1.6/ 1.9.0.16)
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 43176
    published 2009-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43176
    title FreeBSD : mozilla -- multiple vulnerabilities (01c57d20-ea26-11de-bd39-00248c9b4be7)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_SEAMONKEY-091223.NASL
    description The Mozilla SeaMonkey browser suite was updated to version 2.0.1, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption (1.9.0.16) - MFSA 2009-68/CVE-2009-3983 (bmo#487872) NTLM reflection vulnerability - MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities - MFSA 2009-70/CVE-2009-3986 (bmo#522430) Privilege escalation via chrome window.opener - MFSA 2009-71/CVE-2009-3987: COM object enumeration only affects Windows operating systems.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 43619
    published 2010-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43619
    title openSUSE Security Update : seamonkey (seamonkey-1738)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-874-1.NASL
    description Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3986) Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983) Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984) Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3985) David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3388, CVE-2009-3389). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43367
    published 2009-12-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43367
    title Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 vulnerabilities (USN-874-1)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_356.NASL
    description The installed version of Firefox is 3.5.x earlier than 3.5.6. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2009-65) - Multiple vulnerabilities in 'liboggplay' can lead to arbitrary code execution. (MFSA 2009-66) - An integer overflow in the 'Theora' video library can lead to a crash or the execution of arbitrary code. (MFSA 2009-67) - The NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application can be forwarded to another application. (MFSA 2009-68) - Multiple location bar spoofing vulnerabilities exist. (MFSA 2009-69) - A content window which is opened by a chrome window retains a reference to the chrome window via the 'window.opener' property, which can lead to privilege escalation. (MFSA 2009-70) - The exception messages generated by the 'GeckoActiveXObject' differ based on whether or not the requested COM object's ProgID is present in the system registry. (MFSA 2009-71)
    last seen 2019-02-21
    modified 2018-07-16
    plugin id 43174
    published 2009-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43174
    title Firefox 3.5 < 3.5.6 Multiple Vulnerabilities
  • NASL family Windows
    NASL id SEAMONKEY_201.NASL
    description The installed version of SeaMonkey is earlier than 2.0.1. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. (MFSA 2009-65) - Multiple vulnerabilities in 'liboggplay' can lead to arbitrary code execution. (MFSA 2009-66) - An integer overflow in the 'Theora' video library can lead to a crash or the execution of arbitrary code. (MFSA 2009-67) - The NTLM implementation is vulnerable to reflection attacks in which NTLM credentials from one application can be forwarded to another application. (MFSA 2009-68) - Multiple location bar spoofing vulnerabilities exist. (MFSA 2009-69) - A content window which is opened by a chrome window retains a reference to the chrome window via the 'window.opener' property, which can lead to privilege escalation. (MFSA 2009-70) - The exception messages generated by the 'GeckoActiveXObject' differ based on whether or not the requested COM object's ProgID is present in the system registry. (MFSA 2009-71)
    last seen 2019-02-21
    modified 2018-07-27
    plugin id 43175
    published 2009-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43175
    title SeaMonkey < 2.0.1 Multiple Vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1673.NASL
    description From Red Hat Security Advisory 2009:1673 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. (CVE-2009-3979) A flaw was found in the SeaMonkey NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way SeaMonkey displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67974
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67974
    title Oracle Linux 3 / 4 : seamonkey (ELSA-2009-1673)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20091216_FIREFOX_ON_SL4_X.NASL
    description Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) A flaw was found in the Firefox NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way Firefox displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid address. If a user visits an attacker-controlled web page that results in a blank page, the attacker could inject content into that blank page, possibly tricking the user into believing they are viewing a legitimate page. (CVE-2009-3985) After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60709
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60709
    title Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-877-1.NASL
    description USN-873-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and adds additional stability fixes. We apologize for the inconvenience. Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983) Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984) Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3985). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43823
    published 2010-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43823
    title Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 regression (USN-877-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1674.NASL
    description Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2009-3979, CVE-2009-3981, CVE-2009-3986) A flaw was found in the Firefox NT Lan Manager (NTLM) authentication protocol implementation. If an attacker could trick a local user that has NTLM credentials into visiting a specially crafted web page, they could send arbitrary requests, authenticated with the user's NTLM credentials, to other applications on the user's system. (CVE-2009-3983) A flaw was found in the way Firefox displayed the SSL location bar indicator. An attacker could create an unencrypted web page that appears to be encrypted, possibly tricking the user into believing they are visiting a secure page. (CVE-2009-3984) A flaw was found in the way Firefox displayed blank pages after a user navigates to an invalid address. If a user visits an attacker-controlled web page that results in a blank page, the attacker could inject content into that blank page, possibly tricking the user into believing they are viewing a legitimate page. (CVE-2009-3985) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.16. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.16, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 43171
    published 2009-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43171
    title RHEL 4 / 5 : firefox (RHSA-2009:1674)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1956.NASL
    description Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3986 : David James discovered that the window.opener property allows Chrome privilege escalation. - CVE-2009-3985 : Jordi Chanel discovered a spoofing vulnerability of the URL location bar using the document.location property. - CVE-2009-3984 : Jonathan Morgan discovered that the icon indicating a secure connection could be spoofed through the document.location property. - CVE-2009-3983 : Takehiro Takahashi discovered that the NTLM implementation is vulnerable to reflection attacks. - CVE-2009-3981 : Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-3979 : Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel and Olli Pettay discovered crashes in the layout engine, which might allow the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 44821
    published 2010-02-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=44821
    title Debian DSA-1956-1 : xulrunner - several vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201301-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 63402
    published 2013-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=63402
    title GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_MOZILLA-XULRUNNER190-6734.NASL
    description The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption (1.9.0.16). (MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981) - (bmo#487872) NTLM reflection vulnerability. (MFSA 2009-68 / CVE-2009-3983) - (bmo#521461,bmo#514232) Location bar spoofing vulnerabilities. (MFSA 2009-69 / CVE-2009-3984 / CVE-2009-3985) - (bmo#522430) Privilege escalation via chrome window.opener. (MFSA 2009-70 / CVE-2009-3986)
    last seen 2019-02-21
    modified 2012-06-14
    plugin id 49898
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49898
    title SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6734)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-878-1.NASL
    description USN-874-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced a regression when using NTLM authentication. This update fixes the problem and adds additional stability fixes. We apologize for the inconvenience. Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel, Olli Pettay, and David James discovered several flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3979, CVE-2009-3980, CVE-2009-3982, CVE-2009-3986) Takehiro Takahashi discovered flaws in the NTLM implementation in Firefox. If an NTLM authenticated user visited a malicious website, a remote attacker could send requests to other applications, authenticated as the user. (CVE-2009-3983) Jonathan Morgan discovered that Firefox did not properly display SSL indicators under certain circumstances. This could be used by an attacker to spoof an encrypted page, such as in a phishing attack. (CVE-2009-3984) Jordi Chancel discovered that Firefox did not properly display invalid URLs for a blank page. If a user were tricked into accessing a malicious website, an attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-3985) David Keeler, Bob Clary, and Dan Kaminsky discovered several flaws in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3388, CVE-2009-3389). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 43824
    published 2010-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43824
    title Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 regression (USN-878-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-13366.NASL
    description Update to new upstream Firefox version 3.5.6, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.6 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2009-3979 CVE-2009-3980 CVE-2009-3982 CVE-2009-3983 CVE-2009-3984 CVE-2009-3985 CVE-2009-3986 CVE-2009-3388 CVE-2009-3389 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 43339
    published 2009-12-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43339
    title Fedora 12 : Miro-2.5.2-7.fc12 / blam-1.8.5-21.fc12 / firefox-3.5.6-1.fc12 / galeon-2.0.7-19.fc12 / etc (2009-13366)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-339.NASL
    description Security issues were identified and fixed in firefox 3.0.x : Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3979). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3980). Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3981). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body (CVE-2009-3984). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654 (CVE-2009-3985). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property (CVE-2009-3986). The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive information about installed software by making multiple calls that specify the ProgID values of different COM objects (CVE-2009-3987). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages which require so, have been rebuilt and are being provided as updates.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 43394
    published 2009-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43394
    title Mandriva Linux Security Advisory : firefox (MDVSA-2009:339)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-338.NASL
    description Security issues were identified and fixed in firefox 3.5.x : liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to memory safety issues. (CVE-2009-3388) Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions (CVE-2009-3389). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3979). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3980). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3982). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body (CVE-2009-3984). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654 (CVE-2009-3985). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property (CVE-2009-3986). The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive information about installed software by making multiple calls that specify the ProgID values of different COM objects (CVE-2009-3987). Additionally, some packages which require so, have been rebuilt and are being provided as updates.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48162
    published 2010-07-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48162
    title Mandriva Linux Security Advisory : firefox (MDVSA-2009:338)
oval via4
  • accepted 2014-10-06T04:04:37.962-04:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    definition_extensions
    • comment Mozilla Firefox Mainline release is installed
      oval oval:org.mitre.oval:def:22259
    • comment Mozilla Seamonkey is installed
      oval oval:org.mitre.oval:def:6372
    description Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    family windows
    id oval:org.mitre.oval:def:8480
    status accepted
    submitted 2010-01-07T17:30:00.000-05:00
    title Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
    version 27
  • accepted 2013-04-29T04:23:16.492-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    family unix
    id oval:org.mitre.oval:def:9911
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    version 24
packetstorm via4
data source https://packetstormsecurity.com/files/download/84058/mozilla-barspoof.txt
id PACKETSTORM:84058
last seen 2016-12-05
published 2009-12-18
reporter Jordi Chancel
source https://packetstormsecurity.com/files/84058/Mozilla-Firefox-Location-Bar-Spoof.html
title Mozilla Firefox Location Bar Spoof
redhat via4
advisories
rhsa
id RHSA-2009:1674
rpms
  • firefox-0:3.0.16-4.el4
  • xulrunner-0:1.9.0.16-2.el5_4
  • xulrunner-devel-0:1.9.0.16-2.el5_4
  • xulrunner-devel-unstable-0:1.9.0.16-2.el5_4
  • firefox-0:3.0.16-1.el5_4
refmap via4
bid
  • 37349
  • 37370
confirm
debian DSA-1956
fedora
  • FEDORA-2009-13333
  • FEDORA-2009-13362
  • FEDORA-2009-13366
sectrack
  • 1023342
  • 1023343
secunia
  • 37699
  • 37704
  • 37785
  • 37813
  • 37856
  • 37881
suse SUSE-SA:2009:063
ubuntu
  • USN-873-1
  • USN-874-1
vupen ADV-2009-3547
xf firefox-documentlocation-spoofing(54808)
Last major update 21-08-2010 - 01:36
Published 17-12-2009 - 12:30
Last modified 18-09-2017 - 21:29
Back to Top