Back to search
CVE-2009-1307
Published: Apr 22, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.mozilla.org/security/announce/2009/mfsa2009-17.html
x_refsource_CONFIRM
MDVSA-2009:111
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2009-3875
vendor-advisory
x_refsource_FEDORA
oval:org.mitre.oval:def:6154
vdb-entry
signature
x_refsource_OVAL
34894
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1125
vdb-entry
x_refsource_VUPEN
SSA:2009-178-01
vendor-advisory
x_refsource_SLACKWARE
DSA-1830
vendor-advisory
x_refsource_DEBIAN
34758
third-party-advisory
x_refsource_SECUNIA
35536
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:10972
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:7008
vdb-entry
signature
x_refsource_OVAL
35602
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:1125
vendor-advisory
x_refsource_REDHAT
FEDORA-2009-7614
vendor-advisory
x_refsource_FEDORA
34844
third-party-advisory
x_refsource_SECUNIA
USN-782-1
vendor-advisory
x_refsource_UBUNTU
35065
third-party-advisory
x_refsource_SECUNIA
1022093
vdb-entry
x_refsource_SECTRACK
FEDORA-2009-7567
vendor-advisory
x_refsource_FEDORA
35882
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6266
vdb-entry
signature
x_refsource_OVAL
USN-764-1
vendor-advisory
x_refsource_UBUNTU
MDVSA-2009:141
vendor-advisory
x_refsource_MANDRIVA
SUSE-SR:2009:010
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:5933
vdb-entry
signature
x_refsource_OVAL
35042
third-party-advisory
x_refsource_SECUNIA
34656
vdb-entry
x_refsource_BID
34843
third-party-advisory
x_refsource_SECUNIA
DSA-1797
vendor-advisory
x_refsource_DEBIAN
35561
third-party-advisory
x_refsource_SECUNIA
SSA:2009-176-01
vendor-advisory
x_refsource_SLACKWARE
RHSA-2009:0437
vendor-advisory
x_refsource_REDHAT
RHSA-2009:0436
vendor-advisory
x_refsource_REDHAT
RHSA-2009:1126
vendor-advisory
x_refsource_REDHAT
34780
third-party-advisory
x_refsource_SECUNIA
264308
vendor-advisory
x_refsource_SUNALERT
https://bugzilla.mozilla.org/show_bug.cgi?id=481342
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now