- Home
- CVEs with nessus.description==Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems :
- CVE-2009-3986 :
David James discovered that the window.opener property allows Chrome privilege escalation.
- CVE-2009-3985 :
Jordi Chanel discovered a spoofing vulnerability of the URL location bar using the document.location property.
- CVE-2009-3984 :
Jonathan Morgan discovered that the icon indicating a secure connection could be spoofed through the document.location property.
- CVE-2009-3983 :
Takehiro Takahashi discovered that the NTLM implementation is vulnerable to reflection attacks.
- CVE-2009-3981 :
Jesse Ruderman discovered a crash in the layout engine, which might allow the execution of arbitrary code.
- CVE-2009-3979 :
Jesse Ruderman, Josh Soref, Martijn Wargers, Jose Angel and Olli Pettay discovered crashes in the layout engine, which might allow the execution of arbitrary code
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top