Vulnerabilities > CVE-2009-0652 - Unspecified vulnerability in Mozilla Firefox, Seamonkey and Thunderbird

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mozilla

nessus

NVD

Published: 2009-02-20

Updated: 2024-11-21

Summary

The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs and conduct phishing attacks, as demonstrated by homoglyphs of the / (slash) and ? (question mark) characters in a subdomain of a .cn domain name, a different vulnerability than CVE-2005-0233. NOTE: some third parties claim that 3.0.6 is not affected, but much older versions perhaps are affected.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Seamonkey 1.1.10 Mozilla Seamonkey 1.0.3 Mozilla Seamonkey 1.1.8 Mozilla Seamonkey 1.0.1 Mozilla Seamonkey 1.1.7 Mozilla Seamonkey 1.0.6 Mozilla Seamonkey 1.0.9 Mozilla Seamonkey - Mozilla Seamonkey 1.0 Mozilla Seamonkey 1.0.2 Mozilla Seamonkey 1.0.4 Mozilla Seamonkey 1.0.5 Mozilla Seamonkey 1.0.7 Mozilla Seamonkey 1.0.8 Mozilla Seamonkey 1.1 Mozilla Seamonkey 1.1.1 Mozilla Seamonkey 1.1.2 Mozilla Seamonkey 1.1.3 Mozilla Seamonkey 1.1.4 Mozilla Seamonkey 1.1.5 Mozilla Seamonkey 1.1.6 Mozilla Seamonkey 1.1.9 Mozilla Seamonkey 1.1.11 Mozilla Seamonkey 1.1.12 Mozilla Seamonkey 1.1.13 Mozilla Seamonkey 1.1.14 Mozilla Firefox 2.0.0.12 Mozilla Firefox 1.5.0.6 Mozilla Firefox 2.0.0.2 Mozilla Firefox 1.5.0.10 Mozilla Firefox 1.5.0.3 Mozilla Firefox 1.5.0.11 Mozilla Firefox 1.0.2 Mozilla Firefox 3.0.4 Mozilla Firefox 3.0.5 Mozilla Firefox 1.5 Mozilla Firefox 1.0.4 Mozilla Firefox 2.0.0.7 Mozilla Firefox 1.0.7 Mozilla Firefox 2.0.0.9 Mozilla Firefox 2.0.0.16 Mozilla Firefox 2.0.0.17 Mozilla Firefox 2.0.0.15 Mozilla Firefox 1.0 Mozilla Firefox 3.0.3 Mozilla Firefox 1.5.0.7 Mozilla Firefox 2.0 Mozilla Firefox 1.0.1 Mozilla Firefox 2.0.0.14 Mozilla Firefox 1.5.0.8 Mozilla Firefox 2.0.0.3 Mozilla Firefox 1.5.0.9 Mozilla Firefox 1.5.0.5 Mozilla Firefox 1.5.0.12 Mozilla Firefox 2.0.0.6 Mozilla Firefox 3.0 Mozilla Firefox 2.0.0.11 Mozilla Firefox 1.5.0.2 Mozilla Firefox 1.0.3 Mozilla Firefox 3.0.1 Mozilla Firefox 2.0.0.4 Mozilla Firefox 2.0.0.13 Mozilla Firefox 2.0.0.18 Mozilla Firefox - Mozilla Firefox 0.1 Mozilla Firefox 0.2 Mozilla Firefox 0.3 Mozilla Firefox 0.4 Mozilla Firefox 0.5 Mozilla Firefox 0.6 Mozilla Firefox 0.6.1 Mozilla Firefox 0.7 Mozilla Firefox 0.7.1 Mozilla Firefox 0.8 Mozilla Firefox 0.9 Mozilla Firefox 0.9.1 Mozilla Firefox 0.9.2 Mozilla Firefox 0.9.3 Mozilla Firefox 0.10 Mozilla Firefox 0.10.1 Mozilla Firefox 1.0.5 Mozilla Firefox 1.0.6 Mozilla Firefox 1.0.8 Mozilla Firefox 1.4.1 Mozilla Firefox 1.5.0.1 Mozilla Firefox 1.5.0.4 Mozilla Firefox 1.5.1 Mozilla Firefox 1.5.2 Mozilla Firefox 1.5.3 Mozilla Firefox 1.5.4 Mozilla Firefox 1.5.5 Mozilla Firefox 1.5.6 Mozilla Firefox 1.5.7 Mozilla Firefox 1.5.8 Mozilla Firefox 1.8 Mozilla Firefox 2.0.0.1 Mozilla Firefox 2.0.0.5 Mozilla Firefox 2.0.0.8 Mozilla Firefox 2.0.0.10 Mozilla Firefox 2.0.0.19 Mozilla Firefox 2.0.0.20 Mozilla Firefox 3.0.2 Mozilla Firefox 3.0.6 Mozilla Thunderbird 2.0.0.4 Mozilla Thunderbird 2.0.0.6 Mozilla Thunderbird 2.0.0.18 Mozilla Thunderbird 2.0.0.9 Mozilla Thunderbird 2.0.0.16 Mozilla Thunderbird - Mozilla Thunderbird 0.1 Mozilla Thunderbird 0.2 Mozilla Thunderbird 0.3 Mozilla Thunderbird 0.4 Mozilla Thunderbird 0.5 Mozilla Thunderbird 0.6 Mozilla Thunderbird 0.7 Mozilla Thunderbird 0.7.1 Mozilla Thunderbird 0.7.2 Mozilla Thunderbird 0.7.3 Mozilla Thunderbird 0.8 Mozilla Thunderbird 0.9 Mozilla Thunderbird 1.0 Mozilla Thunderbird 1.0.2 Mozilla Thunderbird 1.0.5 Mozilla Thunderbird 1.0.6 Mozilla Thunderbird 1.0.7 Mozilla Thunderbird 1.0.8 Mozilla Thunderbird 1.1 Mozilla Thunderbird 1.5 Mozilla Thunderbird 1.5.0.2 Mozilla Thunderbird 1.5.0.4 Mozilla Thunderbird 1.5.0.5 Mozilla Thunderbird 1.5.0.7 Mozilla Thunderbird 1.5.0.8 Mozilla Thunderbird 1.5.0.9 Mozilla Thunderbird 1.5.0.10 Mozilla Thunderbird 1.5.0.12 Mozilla Thunderbird 1.5.0.13 Mozilla Thunderbird 1.5.0.14 Mozilla Thunderbird 2.0 Mozilla Thunderbird 2.0.0.0 Mozilla Thunderbird 2.0.0.5 Mozilla Thunderbird 2.0.0.12 Mozilla Thunderbird 2.0.0.14 Mozilla Thunderbird 2.0.0.17 Mozilla Thunderbird 2.0.0.19	178

Nessus

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1830.NASL
description	Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. (MFSA 2009-10) - CVE-2009-0352 It is possible to execute arbitrary code via vectors related to the layout engine. (MFSA 2009-01) - CVE-2009-0353 It is possible to execute arbitrary code via vectors related to the JavaScript engine. (MFSA 2009-01) - CVE-2009-0652 Bjoern Hoehrmann and Moxie Marlinspike discovered a possible spoofing attack via Unicode box drawing characters in internationalized domain names. (MFSA 2009-15) - CVE-2009-0771 Memory corruption and assertion failures have been discovered in the layout engine, leading to the possible execution of arbitrary code. (MFSA 2009-07) - CVE-2009-0772 The layout engine allows the execution of arbitrary code in vectors related to nsCSSStyleSheet::GetOwnerNode, events, and garbage collection. (MFSA 2009-07) - CVE-2009-0773 The JavaScript engine is prone to the execution of arbitrary code via several vectors. (MFSA 2009-07) - CVE-2009-0774 The layout engine allows the execution of arbitrary code via vectors related to gczeal. (MFSA 2009-07) - CVE-2009-0776 Georgi Guninski discovered that it is possible to obtain xml data via an issue related to the nsIRDFService. (MFSA 2009-09) - CVE-2009-1302 The browser engine is prone to a possible memory corruption via several vectors. (MFSA 2009-14) - CVE-2009-1303 The browser engine is prone to a possible memory corruption via the nsSVGElement::BindToTree function. (MFSA 2009-14) - CVE-2009-1307 Gregory Fleischer discovered that it is possible to bypass the Same Origin Policy when opening a Flash file via the view-source: scheme. (MFSA 2009-17) - CVE-2009-1832 The possible arbitrary execution of code was discovered via vectors involving
last seen	2020-06-01
modified	2020-06-02
plugin id	44695
published	2010-02-24
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/44695
title	Debian DSA-1830-1 : icedove - several vulnerabilities

NASL family	Windows
NASL id	SEAMONKEY_1115.NASL
description	The installed version of SeaMonkey is earlier than 1.1.15. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that may lead to crashes with evidence of memory corruption. (MFSA 2009-01) - Cookies marked HTTPOnly are readable by JavaScript via the
last seen	2020-06-01
modified	2020-06-02
plugin id	35978
published	2009-03-20
reporter	This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35978
title	SeaMonkey < 1.1.15 Multiple Vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_MOZILLAFIREFOX-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305 / CVE-2009-1306 / CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309 / CVE-2009-1310 / CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	41354
published	2009-09-24
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/41354
title	SuSE 11 Security Update : MozillaFirefox (SAT Patch Number 835)

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2009-0436.NASL
description	From Red Hat Security Advisory 2009:0436 : Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	67847
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67847
title	Oracle Linux 4 / 5 : firefox (ELSA-2009-0436)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-764-1.NASL
description	Several flaws were discovered in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) It was discovered that Firefox displayed certain Unicode characters which could be visually confused with punctuation in valid web addresses in the location bar. An attacker could exploit this to spoof the location bar, such as in a phishing attack. (CVE-2009-0652) Several flaws were discovered in the way Firefox processed malformed URI schemes. If a user were tricked into viewing a malicious website, a remote attacker could execute arbitrary JavaScript or steal private data. (CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) Cefn Hoile discovered Firefox did not adequately protect against embedded third-party stylesheets. An attacker could exploit this to perform script injection attacks using XBL bindings. (CVE-2009-1308) Paolo Amadini discovered that Firefox would submit POST data when reloading an inner frame of a web page. If a user were tricked into viewing a malicious website, a remote attacker could steal private data. (CVE-2009-1311). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	36228
published	2009-04-23
reporter	Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/36228
title	Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-764-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_MOZILLA-XULRUNNER190-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302 / CVE-2009-1303 / CVE-2009-1304 / CVE-2009-1305,CVE -2009-1306,CVE-2009-1307 / CVE-2009-1308 / CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311 / CVE-2009-1312 / CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	41437
published	2009-09-24
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/41437
title	SuSE 11 Security Update : Mozilla (SAT Patch Number 834)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2009-3875.NASL
description	http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	37309
published	2009-04-23
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/37309
title	Fedora 9 : Miro-2.0.3-3.fc9 / blam-1.8.5-8.fc9.1 / chmsee-1.0.1-11.fc9 / devhelp-0.19.1-11.fc9 / etc (2009-3875)

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2009-0437.NASL
description	Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	36214
published	2009-04-22
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/36214
title	RHEL 2.1 / 3 / 4 : seamonkey (RHSA-2009:0437)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_1_MOZILLAFIREFOX-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	40172
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40172
title	openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_0_SEAMONKEY-090617.NASL
description	The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
last seen	2020-06-01
modified	2020-06-02
plugin id	40133
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40133
title	openSUSE Security Update : seamonkey (seamonkey-1014)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2009-3893.NASL
description	http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	38160
published	2009-04-27
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/38160
title	Fedora 10 : Miro-2.0.3-3.fc10 / blam-1.8.5-9.fc10 / devhelp-0.22-7.fc10 / epiphany-2.24.3-5.fc10 / etc (2009-3893)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20090421_SEAMONKEY_ON_SL3_X.NASL
description	Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) SeaMonkey must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	60573
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60573
title	Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2009-0436.NASL
description	Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	36213
published	2009-04-22
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/36213
title	RHEL 4 / 5 : firefox (RHSA-2009:0436)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20090421_FIREFOX_ON_SL4_X.NASL
description	Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) After installing the update, Firefox must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	60572
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60572
title	Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64

NASL family	Oracle Linux Local Security Checks
NASL id	ORACLELINUX_ELSA-2009-0437.NASL
description	From Red Hat Security Advisory 2009:0437 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	67848
published	2013-07-12
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67848
title	Oracle Linux 3 / 4 : seamonkey (ELSA-2009-0437)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SEAMONKEY-6310.NASL
description	The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
last seen	2020-06-01
modified	2020-06-02
plugin id	39462
published	2009-06-19
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39462
title	openSUSE 10 Security Update : seamonkey (seamonkey-6310)

NASL family	Windows
NASL id	MOZILLA_THUNDERBIRD_20021.NASL
description	The installed version of Thunderbird is earlier than 2.0.0.21. Such versions are potentially affected by the following security issues : - There are several stability bugs in the browser engine that could lead to crashes with evidence of memory corruption. (MFSA 2009-01) - By exploiting stability bugs in the browser engine, it might be possible for an attacker to execute arbitrary code on the remote system under certain conditions. (MFSA 2009-07) - It might be possible for a website to read arbitrary XML data from another domain by using nsIRDFService and a cross-domain redirect. (MFSA 2009-09) - Vulnerabilities in the PNG libraries used by Mozilla could be exploited to execute arbitrary code on the remote system. (MFSA 2009-10) - A URI-spoofing vulnerability exists because the application fails to adequately handle specific characters in IDN subdomains. (MFSA 2009-15)
last seen	2020-06-01
modified	2020-06-02
plugin id	35977
published	2009-03-20
reporter	This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/35977
title	Mozilla Thunderbird < 2.0.0.21 Multiple Vulnerabilities

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2009-111.NASL
description	Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313) This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update : The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	38853
published	2009-05-13
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/38853
title	Mandriva Linux Security Advisory : firefox (MDVSA-2009:111-1)

NASL family	Windows
NASL id	MOZILLA_FIREFOX_309.NASL
description	The installed version of Firefox is earlier than 3.0.9. Such versions are potentially affected by the following security issues : - Multiple remote memory corruption vulnerabilities exist that can be exploited to execute arbitrary code in the context of the user running the affected application. (MFSA 2009-14) - A flaw may exist where Unicode box drawing characters are allowed in Internationalized Domain Names where they could be visually confused with punctuation used in valid web addresses. An attacker can leverage this to launch a phishing-type scam against a victim. (MFSA 2009-15) - A vulnerability exists when the
last seen	2020-06-01
modified	2020-06-02
plugin id	36215
published	2009-04-22
reporter	This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/36215
title	Firefox < 3.0.9 Multiple Vulnerabilities

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2009-0437.NASL
description	Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code as the user running SeaMonkey. (CVE-2009-1303, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1309, CVE-2009-1312) A flaw was found in the way SeaMonkey saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	38899
published	2009-05-26
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/38899
title	CentOS 3 / 4 : seamonkey (CESA-2009:0437)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201301-01.NASL
description	The remote host is affected by the vulnerability described in GLSA-201301-01 (Mozilla Products: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Mozilla Firefox, Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to view a specially crafted web page or email, possibly resulting in execution of arbitrary code or a Denial of Service condition. Furthermore, a remote attacker may be able to perform Man-in-the-Middle attacks, obtain sensitive information, bypass restrictions and protection mechanisms, force file downloads, conduct XML injection attacks, conduct XSS attacks, bypass the Same Origin Policy, spoof URL’s for phishing attacks, trigger a vertical scroll, spoof the location bar, spoof an SSL indicator, modify the browser’s font, conduct clickjacking attacks, or have other unspecified impact. A local attacker could gain escalated privileges, obtain sensitive information, or replace an arbitrary downloaded file. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	63402
published	2013-01-08
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/63402
title	GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-1797.NASL
description	Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0652 Moxie Marlinspike discovered that Unicode box drawing characters inside of internationalised domain names could be used for phishing attacks. - CVE-2009-1302 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1303 Olli Pettay, Martijn Wargers, Mats Palmgren, Oleg Romashin, Jesse Ruderman and Gary Kwong reported crashes in the layout engine, which might allow the execution of arbitrary code. - CVE-2009-1304 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1305 Igor Bukanov and Bob Clary discovered crashes in the JavaScript engine, which might allow the execution of arbitrary code. - CVE-2009-1306 Daniel Veditz discovered that the Content-Disposition: header is ignored within the jar: URI scheme. - CVE-2009-1307 Gregory Fleischer discovered that the same-origin policy for Flash files is inproperly enforced for files loaded through the view-source scheme, which may result in bypass of cross-domain policy restrictions. - CVE-2009-1308 Cefn Hoile discovered that sites, which allow the embedding of third-party stylesheets are vulnerable to cross-site scripting attacks through XBL bindings. - CVE-2009-1309
last seen	2020-06-01
modified	2020-06-02
plugin id	38724
published	2009-05-11
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/38724
title	Debian DSA-1797-1 : xulrunner - several vulnerabilities

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_1_MOZILLA-XULRUNNER190-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	40280
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40280
title	openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2009-0436.NASL
description	Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305) Several flaws were found in the way malformed web content was processed. A web page containing malicious content could execute arbitrary JavaScript in the context of the site, possibly presenting misleading data to a user, or stealing sensitive information such as login credentials. (CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1312) A flaw was found in the way Firefox saved certain web pages to a local file. If a user saved the inner frame of a web page containing POST data, the POST data could be revealed to the inner frame, possibly surrendering sensitive information such as login credentials. (CVE-2009-1311) For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 3.0.9. You can find a link to the Mozilla advisories in the References section of this errata. All Firefox users should upgrade to these updated packages, which contain Firefox version 3.0.9, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect.
last seen	2020-06-01
modified	2020-06-02
plugin id	43743
published	2010-01-06
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/43743
title	CentOS 4 / 5 : firefox (CESA-2009:0436)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_1_SEAMONKEY-090617.NASL
description	The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:1.9.0.9) - Security update to 1.1.15 - MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character - MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:1.9.0.7) - MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect - MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards - MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:1.9.0.6) - MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies Please note that the java openjdk plugin might not work after installing this update.
last seen	2020-06-01
modified	2020-06-02
plugin id	40309
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40309
title	openSUSE Security Update : seamonkey (seamonkey-1014)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_0_MOZILLAFIREFOX-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	39889
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/39889
title	openSUSE Security Update : MozillaFirefox (MozillaFirefox-833)

NASL family	SuSE Local Security Checks
NASL id	SUSE_11_0_MOZILLA-XULRUNNER190-090427.NASL
description	Firefox version upgrade to 3.0.9 to fix various security bugs. (CVE-2009-1302,CVE-2009-1303,CVE-2009-1304,CVE-2009-1305,CVE -2009-1306,CVE-2009-1307,CVE-2009-1308,CVE-2009-1309,CVE-200 9-1310,CVE-2009-1311,CVE-2009-1312,CVE-2009-0652)
last seen	2020-06-01
modified	2020-06-02
plugin id	40076
published	2009-07-21
reporter	This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/40076
title	openSUSE Security Update : mozilla-xulrunner190 (mozilla-xulrunner190-832)

Oval

accepted

2013-04-29T04:13:48.392-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:11396

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Redhat

advisories

rhsa
id RHSA-2009:0436
rhsa
id RHSA-2009:0437

rpms

firefox-0:3.0.9-1.el4
firefox-0:3.0.9-1.el5
firefox-debuginfo-0:3.0.9-1.el4
firefox-debuginfo-0:3.0.9-1.el5
xulrunner-0:1.9.0.9-1.el5
xulrunner-debuginfo-0:1.9.0.9-1.el5
xulrunner-devel-0:1.9.0.9-1.el5
xulrunner-devel-unstable-0:1.9.0.9-1.el5
seamonkey-0:1.0.9-0.33.el2
seamonkey-0:1.0.9-0.37.el3
seamonkey-0:1.0.9-41.el4
seamonkey-chat-0:1.0.9-0.33.el2
seamonkey-chat-0:1.0.9-0.37.el3
seamonkey-chat-0:1.0.9-41.el4
seamonkey-debuginfo-0:1.0.9-0.37.el3
seamonkey-debuginfo-0:1.0.9-41.el4
seamonkey-devel-0:1.0.9-0.33.el2
seamonkey-devel-0:1.0.9-0.37.el3
seamonkey-devel-0:1.0.9-41.el4
seamonkey-dom-inspector-0:1.0.9-0.33.el2
seamonkey-dom-inspector-0:1.0.9-0.37.el3
seamonkey-dom-inspector-0:1.0.9-41.el4
seamonkey-js-debugger-0:1.0.9-0.33.el2
seamonkey-js-debugger-0:1.0.9-0.37.el3
seamonkey-js-debugger-0:1.0.9-41.el4
seamonkey-mail-0:1.0.9-0.33.el2
seamonkey-mail-0:1.0.9-0.37.el3
seamonkey-mail-0:1.0.9-41.el4
seamonkey-nspr-0:1.0.9-0.33.el2
seamonkey-nspr-0:1.0.9-0.37.el3
seamonkey-nspr-devel-0:1.0.9-0.33.el2
seamonkey-nspr-devel-0:1.0.9-0.37.el3
seamonkey-nss-0:1.0.9-0.33.el2
seamonkey-nss-0:1.0.9-0.37.el3
seamonkey-nss-devel-0:1.0.9-0.33.el2
seamonkey-nss-devel-0:1.0.9-0.37.el3

Summary

Vulnerable Configurations

Nessus

Oval

Redhat

References