exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2009-1306

около 16 лет назад

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.

CVSS2: 4.3

EPSS: Низкий

CVE-2009-1306

около 16 лет назад

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.

CVSS2: 4.3

EPSS: Низкий

CVE-2009-1306

около 16 лет назад

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.

CVSS2: 4.3

EPSS: Низкий

CVE-2009-1306

около 16 лет назад

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbi ...

CVSS2: 4.3

EPSS: Низкий

GHSA-hh3w-x3wq-8jvq

около 3 лет назад

The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.

EPSS: Низкий

ELSA-2009-0436

около 16 лет назад

ELSA-2009-0436: firefox security update (CRITICAL)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2009-1306 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.	CVSS2: 4.3	1% Низкий	около 16 лет назад
CVE-2009-1306 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.	CVSS2: 4.3	1% Низкий	около 16 лет назад
CVE-2009-1306 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.	CVSS2: 4.3	1% Низкий	около 16 лет назад
CVE-2009-1306 The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbi ...	CVSS2: 4.3	1% Низкий	около 16 лет назад
GHSA-hh3w-x3wq-8jvq The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.		1% Низкий	около 3 лет назад
ELSA-2009-0436 ELSA-2009-0436: firefox security update (CRITICAL)			около 16 лет назад

Уязвимостей на страницу