Lucene search
Mozilla FoundationMFSA2009-17HistoryApr 21, 2009 - 12:00 a.m.
Same-origin violations when Adobe Flash loaded via view-source: scheme — Mozilla
2009-04-2100:00:00
Mozilla Foundation
www.mozilla.org
31
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.019
Percentile
88.7%
Security researcher Gregory Fleischer reported that when an Adobe Flash file is loaded via the view-source: scheme, the Flash plugin misinterprets the origin of the content as localhost, leading to two specific vulnerabilities:
Affected configurations
Node
mozillafirefoxRange<3.0.9
ORmozillaseamonkeyRange<1.1.17
ORmozillathunderbirdRange<2.0.0.22
Related
cvelist
cvelist
CVE-2009-1307
2009-04-22 18:00:00
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2009-17
2009-04-23 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2009-04-28 00:00:00
cve
cve
CVE-2009-1307
2009-04-22 18:30:00
nvd
nvd
CVE-2009-1307
2009-04-22 18:30:00
prion
prion
Design/Logic Flaw
2009-04-22 18:30:00
ubuntucve
ubuntucve
CVE-2009-1307
2009-04-22 00:00:00
veracode
veracode
Phishing Attacks
2020-04-10 00:33:07
openvas
openvas
CentOS Update for seamonkey CESA-2009:0437-02 centos2 i386
2011-08-09 00:00:00
CentOS Security Advisory CESA-2009:0437-02 (seamonkey)
2009-04-28 00:00:00
RedHat Security Advisory RHSA-2009:0437
2009-04-28 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: seamonkey-1.1.17-1.fc11
2009-07-16 07:11:14
[SECURITY] Fedora 10 Update: seamonkey-1.1.17-1.fc10
2009-07-16 06:57:32
[SECURITY] Fedora 9 Update: mugshot-1.2.2-8.fc9
2009-04-22 20:27:04
redhat
redhat
(RHSA-2009:0437) Critical: seamonkey security update
2009-04-21 00:00:00
(RHSA-2009:1125) Moderate: thunderbird security update
2009-06-25 00:00:00
(RHSA-2009:1126) Moderate: thunderbird security update
2009-06-25 00:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)
2009-04-22 00:00:00
Oracle Linux 3 / 4 : seamonkey (ELSA-2009-0437)
2013-07-12 00:00:00
Fedora 11 : seamonkey-1.1.17-1.fc11 (2009-7614)
2009-07-17 00:00:00
centos
centos
seamonkey security update
2009-04-22 19:48:58
seamonkey security update
2009-04-24 05:51:23
thunderbird security update
2009-06-26 14:08:25
oraclelinux
oraclelinux
seamonkey security update
2009-04-21 00:00:00
thunderbird security update
2009-06-25 00:00:00
firefox security update
2009-04-22 00:00:00
debian
debian
[SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities
2009-05-09 13:00:16
[SECURITY] [DSA 1830-1] New icedove packages fix several vulnerabilities
2009-07-12 11:21:02
ubuntu
ubuntu
Thunderbird vulnerabilities
2009-06-25 00:00:00
Firefox and Xulrunner vulnerabilities
2009-04-23 00:00:00
osv
osv
xulrunner - several vulnerabilities
2009-05-09 00:00:00
icedove - several vulnerabilities
2009-07-12 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2009-04-21 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.019
Percentile
88.7%
Related for MFSA2009-17