CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
99.2%
Mozilla Foundation reports:
MFSA 2009-32 JavaScript chrome privilege escalation
MFSA 2009-31 XUL scripts bypass content-policy checks
MFSA 2009-30 Incorrect principal set for file: resources
loaded via location bar
MFSA 2009-29 Arbitrary code execution using event listeners
attached to an element whose owner document is null
MFSA 2009-28 Race condition while accessing the private data
of a NPObject JS wrapper class object
MFSA 2009-27 SSL tampering via non-200 responses to proxy
CONNECT requests
MFSA 2009-26 Arbitrary domain cookie access by local file:
resources
MFSA 2009-25 URL spoofing with invalid unicode characters
MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | firefox | < 2.0.0.20_8,1 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox | < 3.0.11 | UNKNOWN |
FreeBSD | any | noarch | linux-firefox-devel | < 3.0.11 | UNKNOWN |
FreeBSD | any | noarch | thunderbird | < 2.0.0.22 | UNKNOWN |
FreeBSD | any | noarch | linux-thunderbird | < 2.0.0.22 | UNKNOWN |
FreeBSD | any | noarch | seamonkey | < 1.1.17 | UNKNOWN |
FreeBSD | any | noarch | linux-seamonkey | < 1.1.17 | UNKNOWN |
secunia.com/advisories/35331/
www.mozilla.org/security/announce/2009/mfsa2009-24.html
www.mozilla.org/security/announce/2009/mfsa2009-25.html
www.mozilla.org/security/announce/2009/mfsa2009-26.html
www.mozilla.org/security/announce/2009/mfsa2009-27.html
www.mozilla.org/security/announce/2009/mfsa2009-28.html
www.mozilla.org/security/announce/2009/mfsa2009-29.html
www.mozilla.org/security/announce/2009/mfsa2009-30.html
www.mozilla.org/security/announce/2009/mfsa2009-31.html
www.mozilla.org/security/announce/2009/mfsa2009-32.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
99.2%