CVSS: 10.0EPSS: 58%CPEs: 117EXPL: 1CVE-2009-2464 – Mozilla Firefox 3.0.11 and Thunderbird 2.0.9 - RDF File Handling Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2009-2464
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element. El nsXULTemplateQueryProcessorRDF::CheckIsSeparator function en Mozilla Firefox anteriores a v3.0.12, SeaMonkey v2.0a1pre, y Thunderbird permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) o posiblemente ejecutar código a su elección a través de vectores relacionados con la carga de archivos múltiples RDF en un árbol XUL. • https://www.exploit-db.com/exploits/33101 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html http://rhn.redhat.com/errata/RHSA-2009-1162.html http://secunia.com/advisories/35914 http://secunia.com/advisories/35943 http://secunia.com/advisories/35944 http://secunia.com/advisories/36005 http://secunia.com/advisories/36145 http://sunsolve.sun.com/search/document.do?assetkey=1-26-265068&# • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 3%CPEs: 185EXPL: 2CVE-2009-2535 – Multiple Browsers - Denial of Service
https://notcve.org/view.php?id=CVE-2009-2535
Mozilla Firefox before 2.0.0.19 and 3.x before 3.0.5, SeaMonkey, and Thunderbird allow remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. Mozilla Firefox anteriores a v2.0.0.19 y v3.x anteriores a v3.0.5, SeaMonkey y Thunderbird permite a atacantes remotos provocar una denegación de servicio (consumo de memoria y colgado de la aplicación) mediante un valor entero grande en la propiedad "length" de un objeto "Select", siendo un asunto relacionado con CVE-2009-1692. • https://www.exploit-db.com/exploits/9160 http://www.exploit-db.com/exploits/9160 http://www.g-sec.lu/one-bug-to-rule-them-all.html http://www.securityfocus.com/archive/1/504969/100/0/threaded http://www.securityfocus.com/archive/1/504988/100/0/threaded http://www.securityfocus.com/archive/1/504989/100/0/threaded http://www.securityfocus.com/archive/1/505006/100/0/threaded https://bugzilla.mozilla.org/show_bug.cgi?id=460713 • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 0%CPEs: 86EXPL: 0CVE-2009-2065
https://notcve.org/view.php?id=CVE-2009-2065
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages." Mozilla Firefox 3.0.10, y posiblemente otras versiones, detecta contenido http en páginas https únicamente cuando el marco (frame) de nivel superior usa https, lo que permite a atacantes "hombre-en-medio" (man-in-the-middle o MITM) ejecutar secuencias de comandos web de su elección, en un contexto de sitio https, modificando una página http para incluir un iframe https que referencia al archivo en un sitio http con la secuencia de comandos. Relacionado con "Páginas HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages." • http://research.microsoft.com/apps/pubs/default.aspx?id=79323 http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf http://www.securityfocus.com/bid/35403 https://exchange.xforce.ibmcloud.com/vulnerabilities/51189 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 0%CPEs: 87EXPL: 1CVE-2009-2061
https://notcve.org/view.php?id=CVE-2009-2061
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site. Mozilla Firefox anterior a v3.0.10 procesa una respuesta 3xx CONEXIÓN HTTP anteriores a una negociación SSL con éxito, lo que permite a los atacantes "hombre en el medio" ejecutar arbitrariamente una secuencia de comandos web, en un contexto de página https, modificando esta respuesta de CONEXIÓN a una redirección específica 302 a un página web https arbitraria. • http://research.microsoft.com/apps/pubs/default.aspx?id=79323 http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf http://www.securityfocus.com/bid/35412 https://exchange.xforce.ibmcloud.com/vulnerabilities/51203 • CWE-310: Cryptographic Issues •
CVSS: 9.3EPSS: 1%CPEs: 202EXPL: 0CVE-2009-1841 – Firefox JavaScript arbitrary code execution
https://notcve.org/view.php?id=CVE-2009-1841
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter. js/src/xpconnect/src/xpcwrappedjsclass.cpp en Mozilla Firefox anterior a v3.0.11, Thunderbird anterior a v2.0.0.22, y SeaMonkey anterior a v1.1.17 permite a atacantes remotos ejecutar secuencias de comandos web de forma arbitraria con los privilegios de un objeto "chrome", como se ha demostrado en la barra lateral del navegador y el FeedWriter. • http://osvdb.org/55159 http://rhn.redhat.com/errata/RHSA-2009-1096.html http://secunia.com/advisories/35331 http://secunia.com/advisories/35415 http://secunia.com/advisories/35428 http://secunia.com/advisories/35431 http://secunia.com/advisories/35439 http://secunia.com/advisories/35440 http://secunia.com/advisories/35468 http://secunia.com/advisories/35536 http://secunia.com/advisories/35561 http://secunia.com/advisories/35602 http://secunia.com/advisories/35882 http& • CWE-94: Improper Control of Generation of Code ('Code Injection') •