Vulnerabilities > CVE-2009-3007 - Remote Security vulnerability in SeaMonkey
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Mozilla Firefox 3.5.1 and SeaMonkey 1.1.17, and Flock 2.5.1, allow context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 |