Vulnerability & Exploit Database

Displaying entries 1 - 10 of 15 in total

Results for: CVE-2009-1839 Back to search

USN-779-1: Firefox and Xulrunner vulnerabilities Vulnerability

  • Severity: 9
  • Published: June 12, 2009

js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.

SUSE Linux Security Advisory: SUSE-SA:2009:034 Vulnerability

  • Severity: 9
  • Published: June 12, 2009

js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.

SUSE Linux Security Vulnerability: CVE-2009-1839 Vulnerability

  • Severity: 5
  • Published: June 12, 2009

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

RHSA-2009:1095: firefox security update Vulnerability

  • Severity: 9
  • Published: June 12, 2009

Mozilla Firefox is an open source Web browser. XULRunner provides the XULRuntime environment for Mozilla Firefox.Several flaws were found in the processing of malformed web content. A webpage containing malicious content could cause Firefox to crash or,potentially, execute arbitrary code as the user running Firefox.(CVE-2009-1392, CVE-20...

Gentoo Linux: CVE-2009-1839: Mozilla Products: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: June 12, 2009

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 9
  • Published: June 12, 2009

js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by the browser sidebar and the FeedWriter.

Cent OS: CVE-2009-1839: CESA-2009:1095 (firefox) Vulnerability

  • Severity: 5
  • Published: June 12, 2009

Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.11 Vulnerability

  • Severity: 9
  • Published: June 11, 2009

Mozilla Firefox before 3.0.11 is affected by multiple vulnerabilities:

  • Crashes with evidence of memory corruption (MFSA 2009-24). Several stability bugs were identified and fixed in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showe...

USN-789-1: GStreamer Good Plugins vulnerability Vulnerability

  • Severity: 7
  • Published: June 04, 2009

Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, ...