ID CVE-2009-3985
Summary Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:beta_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0:rc3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:2.0_8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.0:-:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:1.5:-:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:1.5:-:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0:-:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.0.99:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:alpha:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1:beta:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:1.5.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:alpha_3:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:beta_2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0:rc2:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0a1:*:pre:*:*:*:*:*
  • cpe:2.3:a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:seamonkey:2.0a1pre:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 19-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2014-10-06T04:04:37.962-04:00
    class vulnerability
    contributors
    • name J. Daniel Brown
      organization DTCC
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Mikhno
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    • name Evgeniy Pavlov
      organization ALTX-SOFT
    definition_extensions
    • comment Mozilla Firefox Mainline release is installed
      oval oval:org.mitre.oval:def:22259
    • comment Mozilla Seamonkey is installed
      oval oval:org.mitre.oval:def:6372
    description Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    family windows
    id oval:org.mitre.oval:def:8480
    status accepted
    submitted 2010-01-07T17:30:00.000-05:00
    title Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
    version 29
  • accepted 2013-04-29T04:23:16.492-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    family unix
    id oval:org.mitre.oval:def:9911
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
    version 30
redhat via4
advisories
rhsa
id RHSA-2009:1674
rpms
  • firefox-0:3.0.16-1.el5_4
  • firefox-0:3.0.16-4.el4
  • firefox-debuginfo-0:3.0.16-1.el5_4
  • firefox-debuginfo-0:3.0.16-4.el4
  • xulrunner-0:1.9.0.16-2.el5_4
  • xulrunner-debuginfo-0:1.9.0.16-2.el5_4
  • xulrunner-devel-0:1.9.0.16-2.el5_4
  • xulrunner-devel-unstable-0:1.9.0.16-2.el5_4
refmap via4
bid
  • 37349
  • 37370
confirm
debian DSA-1956
fedora
  • FEDORA-2009-13333
  • FEDORA-2009-13362
  • FEDORA-2009-13366
sectrack
  • 1023342
  • 1023343
secunia
  • 37699
  • 37704
  • 37785
  • 37813
  • 37856
  • 37881
suse SUSE-SA:2009:063
ubuntu
  • USN-873-1
  • USN-874-1
vupen ADV-2009-3547
xf firefox-documentlocation-spoofing(54808)
Last major update 19-09-2017 - 01:29
Published 17-12-2009 - 17:30
Last modified 19-09-2017 - 01:29
Back to Top