Vulnerabilities > CVE-2009-3008 - Unspecified vulnerability in Christophe Thibault K-Meleon 1.5.3
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
christophe-thibault
Summary
K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |