exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2009-0355

больше 16 лет назад

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

CVSS2: 5.4

EPSS: Низкий

CVE-2009-0355

больше 16 лет назад

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

CVSS2: 2.6

EPSS: Низкий

CVE-2009-0355

больше 16 лет назад

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

CVSS2: 5.4

EPSS: Низкий

CVE-2009-0355

больше 16 лет назад

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox befor ...

CVSS2: 5.4

EPSS: Низкий

GHSA-h2q7-pj3w-pr6f

около 3 лет назад

components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.

EPSS: Низкий

ELSA-2009-0256

больше 16 лет назад

ELSA-2009-0256: firefox security update (CRITICAL)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2009-0355 components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.	CVSS2: 5.4	2% Низкий	больше 16 лет назад
CVE-2009-0355 components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.	CVSS2: 2.6	2% Низкий	больше 16 лет назад
CVE-2009-0355 components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.	CVSS2: 5.4	2% Низкий	больше 16 лет назад
CVE-2009-0355 components/sessionstore/src/nsSessionStore.js in Mozilla Firefox befor ...	CVSS2: 5.4	2% Низкий	больше 16 лет назад
GHSA-h2q7-pj3w-pr6f components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via a crafted INPUT element.		2% Низкий	около 3 лет назад
ELSA-2009-0256 ELSA-2009-0256: firefox security update (CRITICAL)			больше 16 лет назад

Уязвимостей на страницу