Rapid7 Vulnerability & Exploit Database

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.9

Back to Search

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.9

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
03/02/2009
Created
07/25/2018
Added
05/01/2009
Modified
02/13/2015

Description

Mozilla Firefox before 3.0.9 is affected by multiple vulnerabilities:

  • Crashes with evidence of memory corruption (MFSA 2009-14). The browser engine in Mozilla Firefox before 3.0.9 could allow remote attackers to cause a denial of service and possibly trigger memory corruption.
  • URL spoofing with box drawing character (MFSA 2009-15). Unicode box drawing characters were allowed in Internationalized Domain Names (IDN) where they could be visually confused with punctuation used in valid web addresses. This could be combined with a phishing-type scam to trick a victim into thinking they were on a different website than they actually were.
  • jar: scheme ignores the content-disposition: header on the inner URI (MFSA 2009-16). The jar: URI implementation does not follow the Content-Disposition header of the inner URI. This could allow remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
  • Same-origin violations when Adobe Flash loaded via view-source: scheme (MFSA 2009-17). The view-source: URI implementation in Mozilla Firefox does not properly implement the Same Origin Policy. This could allow remote attackers to bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; read, create, or modify Local Shared Objects via a Flash file; or bypass unspecified restrictions and render content via vectors involving a jar: URI.
  • XSS hazard using third-party stylesheets and XBL bindings (MFSA 2009-18). Sites which allow users to embed third-party stylesheets are vulnerable to script injection attacks using XBL bindings.
  • Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString (MFSA 2009-19). Mozilla Firefox before 3.0.9 does not properly implement the Same Origin Policy for XMLHttpRequest and XPCNativeWrapper.toString. This could allow remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via a crafted document.
  • Malicious search plugins can inject code into arbitrary sites (MFSA 2009-20). A cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox could allow user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
  • POST data sent to wrong site when saving web page with embedded frame (MFSA 2009-21). When saving the inner frame of a web page as a file when the outer page has POST data associated with it, the POST data will be incorrectly sent to the URL of the inner frame. This could allow remote attackers to obtain sensitive information via a web page with an embedded frame.
  • Firefox allows Refresh header to redirect to javascript: URIs (MFSA 2009-22). Certain versions of Mozilla Firefox do not block javascript: URIs in Refresh headers in HTTP responses. This could allow remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to injecting a Refresh header or specifying the content of a Refresh header.

Solution(s)

  • mozilla-firefox-upgrade-3_0_9

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;