CVE-2009-3376 – Firefox download filename spoofing with RTL override
https://notcve.org/view.php?id=CVE-2009-3376
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. Mozilla Firefox anteriores a v3.0.15 y v3.5.x anteriores a v3.5.4, y SeaMonkey anteriores a v2.0, no maneja adecuadamente una anulación de carácter Unicode "right-to-left" (también conocido como RLO o U+202E) en un nombre de fichero de descarga, lo que permite a atacantes remotos falsificar las extensiones de fichero a través de un nombre de fichero manipulado como se demuestra en una extensión no ejecutable de un fichero ejecutable. • http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/38977 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 http://www.mozilla.org/security/announce/2009/mfsa2009-62.html http://www.redhat.com/support/errata/RHSA-2010-0153.html http://www.redhat.com/support/errata/RHSA-2010-0154.html http://www.ubuntu.com/usn/USN-915-1 http://www.vupen.co • CWE-16: Configuration •
CVE-2009-3372 – Firefox crash in proxy auto-configuration regexp parsing
https://notcve.org/view.php?id=CVE-2009-3372
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. Mozilla Firefox anteriores a v3.0.15 y v3.5.x anteriores a v3.5.4, y SeaMonkey anteriores a v2.0, permite a atacantes remotos ejecutar código arbitrario a través de un expresión regular manipulada en un fichero de autoconfiguración de proxy. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 http://www.mozilla.org/security/announce/2009/mfsa2009-55.html http://www.vupen.com/english/advisories/2009/3334 https://bugzilla.mozilla.org/show_bug.cgi?id=500644 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10977 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6347 https://access& •
CVE-2009-3382 – Mozilla Firefox 3.0.14 - Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2009-3382
layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. layout/base/nsCSSFrameConstructor.cpp en el motor del navegador en Mozilla Firefox v3.0.x anteriores a v3.0.15 no maneja adecuadamente los frames, lo que permite a atacantes remotos producir una denegación de servicio (corrupción de memoria y caída de aplicación) o posiblemente ejecutar código arbitrario a través de vectores desconocidos. • https://www.exploit-db.com/exploits/33314 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.mozilla.org/security/announce/2009/mfsa2009-64.html http://www.vupen.com/english/advisories/2009/3334 https://bugzilla.mozilla.org/show_bug.cgi?id=514960 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11219 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5581 https://access.redhat.com/security •
CVE-2009-3373 – Mozilla Firefox 3.5.3 / SeaMonkey 1.1.17 - 'libpr0n' .GIF Parser Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3373
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica en el parseador de imágenes GIF en Mozilla Firefox anteriores a v3.0.15 y v3.5.x anteriores a v3.5.4, y SeaMonkey anteriores a v2.0, permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos. • https://www.exploit-db.com/exploits/33313 http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1 http://www.mandriva.com/security/advisories?name=MDVSA-2009:294 http://www.mozilla.org/security/announce/2009/mfsa2009-56.html http://www.vupen.com/english/advisories/2009/3334 https://bugzilla.mozilla.org/show_bug.cgi?id=511689 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10684 https://oval.cisecurity.org/repository/search/definition/oval • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVE-2009-2983 – Adobe Reader 9.1.3 / Acrobat - COM Objects Memory Corruption Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-2983
Various reproduction code that demonstrates memory corruption when loading/unloading Adobe objects through an EMBED tag in Firefox. • https://www.exploit-db.com/exploits/33283 http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5636 https://access.redhat.com/security/cve/CVE-2009-2983 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-399: Resource Management Errors •