Описание
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-3983
- https://bugzilla.mozilla.org/show_bug.cgi?id=487872
- https://bugzilla.redhat.com/show_bug.cgi?id=546720
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54807
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10047
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8240
- https://rhn.redhat.com/errata/RHSA-2009-1673.html
- https://rhn.redhat.com/errata/RHSA-2009-1674.html
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html
- https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://secunia.com/advisories/37699
- http://secunia.com/advisories/37703
- http://secunia.com/advisories/37704
- http://secunia.com/advisories/37785
- http://secunia.com/advisories/37813
- http://secunia.com/advisories/37856
- http://secunia.com/advisories/37881
- http://secunia.com/advisories/38977
- http://secunia.com/advisories/39001
- http://securitytracker.com/id?1023340
- http://securitytracker.com/id?1023341
- http://www.debian.org/security/2009/dsa-1956
- http://www.mozilla.org/security/announce/2009/mfsa2009-68.html
- http://www.novell.com/linux/security/advisories/2009_63_firefox.html
- http://www.securityfocus.com/bid/37349
- http://www.securityfocus.com/bid/37366
- http://www.ubuntu.com/usn/USN-873-1
- http://www.ubuntu.com/usn/USN-874-1
- http://www.ubuntu.com/usn/USN-915-1
- http://www.vupen.com/english/advisories/2009/3547
- http://www.vupen.com/english/advisories/2010/0648
EPSS
CVE ID
Связанные уязвимости
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey be ...
EPSS