Secunia
Login
|
|
CVE Reference: CVE-2009-1840 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1840 |
|
|
Description: Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated by a "web bug" in an e-mail message, or web script or an advertisement in a web page. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/51076 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 ST 1022379 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468 SAID Secunia Advisory: SA35415 Secunia Advisory: SA35468 Secunia Advisory: SA35440 Secunia Advisory: SA35439 Secunia Advisory: SA35331 Secunia Advisory: SA35431 REDHAT OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9448 OSVDB 55158 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:141 FEDORA DEBIAN http://www.debian.org/security/2009/dsa-1820 CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-31.html BID 35326 |
|
| Return to the previous page. |
