Showing 1 - 6 of 6

CVE-2009-1307

Status Candidate

Overview

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.

Related Files

Debian Linux Security Advisory 1830-1: Posted Jul 13, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1830-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client.; tags | advisory, remote, vulnerability; systems | linux, debian; advisories | CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0652, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776, CVE-2009-1302, CVE-2009-1303, CVE-2009-1307, CVE-2009-1832, CVE-2009-1392, CVE-2009-1836, CVE-2009-1838, CVE-2009-1841; SHA-256 | d38d0925be530057b4a2dd77a93a8ac127bd9272755d6b3ea0b274a052baaa14; Download | Favorite | View

Mandriva Linux Security Advisory 2009-141: Posted Jun 26, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-141 - A number of security vulnerabilities have been discovered for Mozilla Thunderbird version 2.0.0.21. This update provides the latest Thunderbird to correct these issues.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-2210, CVE-2009-1392, CVE-2009-1832, CVE-2009-1833, CVE-2009-1838, CVE-2009-1836, CVE-2009-1840, CVE-2009-1841; SHA-256 | 5a7c5e992f20a8403dc5d445cc3a02e58db61488c89841fcedd3ba1b98f1673a; Download | Favorite | View

Ubuntu Security Notice 782-1: Posted Jun 26, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-782-1 - Several flaws were discovered in the JavaScript engine of Thunderbird. Several flaws were discovered in the way Thunderbird processed malformed URI schemes. Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. It was discovered that Thunderbird could be made to run scripts with elevated privileges.; tags | advisory, javascript; systems | linux, ubuntu; advisories | CVE-2009-1303, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1392, CVE-2009-1833, CVE-2009-1836, CVE-2009-1838, CVE-2009-1841; SHA-256 | e296006439bf4e6a1ca59b0e0c05e05c53359c92accaef6c57eec9cb193bf4ad; Download | Favorite | View

Mandriva Linux Security Advisory 2009-111: Posted May 13, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-111-1 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.; tags | advisory, vulnerability; systems | linux, mandriva; advisories | CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313; SHA-256 | 0b9ab0678b8f50291475ab0c369624d0ea9d246c0f33cdfab12afe730ed4f0cf; Download | Favorite | View

Debian Linux Security Advisory 1797-1: Posted May 10, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1797-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.; tags | advisory, remote, web, vulnerability; systems | linux, debian; advisories | CVE-2009-0652, CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1311; SHA-256 | a304be926b1da77721827a7cc3ba161384c0847453345b1d59e8ad2a08a5554e; Download | Favorite | View

Ubuntu Security Notice 764-1: Posted Apr 23, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-764-1 - Several flaws were discovered in the Firefox and XULRunner browser engines. These could lead to arbitrary code execution, spoofing attacks, and more.; tags | advisory, arbitrary, spoof, code execution; systems | linux, ubuntu; advisories | CVE-2009-0652, CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312; SHA-256 | dbf1787da27458fc014c23edeb830bd923b19b441140dde4a0b4d8b03a68423a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 219 files
Ubuntu 55 files
LiquidWorm 20 files
Debian 18 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2009-1307

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems