Описание
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-3076
- https://bugzilla.mozilla.org/show_bug.cgi?id=326628
- https://bugzilla.mozilla.org/show_bug.cgi?id=509413
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6140
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9306
- http://secunia.com/advisories/36669
- http://secunia.com/advisories/36670
- http://secunia.com/advisories/36671
- http://secunia.com/advisories/36692
- http://secunia.com/advisories/37098
- http://www.debian.org/security/2009/dsa-1885
- http://www.mozilla.org/security/announce/2009/mfsa2009-48.html
- http://www.novell.com/linux/security/advisories/2009_48_firefox.html
- http://www.redhat.com/support/errata/RHSA-2009-1430.html
- http://www.redhat.com/support/errata/RHSA-2009-1431.html
- http://www.redhat.com/support/errata/RHSA-2009-1432.html
- http://www.redhat.com/support/errata/RHSA-2010-0153.html
- http://www.redhat.com/support/errata/RHSA-2010-0154.html
- http://www.securityfocus.com/bid/36343
- http://www.securitytracker.com/id?1022877
- http://www.vupen.com/english/advisories/2010/0650
EPSS
CVE ID
Связанные уязвимости
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Mozilla Firefox before 3.0.14 does not properly implement certain dial ...
EPSS