QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-1835

Back to search

CVE-2009-1835

Published: Jun 12, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML document, as demonstrated by a URL with file://example.com/C:/ at the beginning.

VendorProductVersions

n/a

n/a

affected
n/a

References

265068
vendor-advisory
x_refsource_SUNALERT
ADV-2009-1572
vdb-entry
x_refsource_VUPEN
RHSA-2009:1096
vendor-advisory
x_refsource_REDHAT
1020800
vendor-advisory
x_refsource_SUNALERT
oval:org.mitre.oval:def:9803
vdb-entry
signature
x_refsource_OVAL
FEDORA-2009-7614
vendor-advisory
x_refsource_FEDORA
35326
vdb-entry
x_refsource_BID
35391
vdb-entry
x_refsource_BID
FEDORA-2009-6411
vendor-advisory
x_refsource_FEDORA
35428
third-party-advisory
x_refsource_SECUNIA
35431
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-7567
vendor-advisory
x_refsource_FEDORA
35331
third-party-advisory
x_refsource_SECUNIA
35468
third-party-advisory
x_refsource_SECUNIA
ADV-2009-2152
vdb-entry
x_refsource_VUPEN
35439
third-party-advisory
x_refsource_SECUNIA
35882
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-6366
vendor-advisory
x_refsource_FEDORA
35415
third-party-advisory
x_refsource_SECUNIA
RHSA-2009:1095
vendor-advisory
x_refsource_REDHAT
55161
vdb-entry
x_refsource_OSVDB
SSA:2009-167-01
vendor-advisory
x_refsource_SLACKWARE
35561
third-party-advisory
x_refsource_SECUNIA
SSA:2009-176-01
vendor-advisory
x_refsource_SLACKWARE
DSA-1820
vendor-advisory
x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now