Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-1839

Опубликовано: 12 июн. 2009
Источник: ubuntu
Приоритет: low
CVSS2: 5.4

Описание

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

РелизСтатусПримечание
dapper

ignored

end of life
devel

not-affected

hardy

not-affected

intrepid

DNE

jaunty

DNE

karmic

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

DNE

hardy

released

1.9.0.11+build2+nobinonly-0ubuntu0.8.04.1
intrepid

released

1.9.0.11+build2+nobinonly-0ubuntu0.8.10.2
jaunty

released

1.9.0.11+build2+nobinonly-0ubuntu0.9.04.1
karmic

DNE

upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

DNE

devel

released

1.9.1~rc2+nobinonly-0ubuntu1
hardy

DNE

intrepid

DNE

jaunty

released

1.9.1+nobinonly-0ubuntu0.9.04.1
karmic

released

1.9.1~rc2+nobinonly-0ubuntu1
upstream

needs-triage

Показывать по

Ссылки на источники

5.4 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2009-1839

redhat
больше 16 лет назад

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

nvd логотип

CVE-2009-1839

nvd
больше 16 лет назад

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

debian логотип

CVE-2009-1839

debian
больше 16 лет назад

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with ...

github логотип

GHSA-mx4x-6484-3f7v

github
больше 3 лет назад

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

oracle-oval логотип

ELSA-2009-1095

oracle-oval
больше 16 лет назад

ELSA-2009-1095: firefox security update (CRITICAL)

5.4 Medium

CVSS2