Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0776

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2009-0776
Last Modified 21 Aug 2010 01:30:55
Published 04 Mar 2009 09:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0776

Summary

nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.

Vulnerable Systems

Application

  • Mozilla Firefox 1.0

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Mozilla Firefox 1.0.3

  • Mozilla Firefox 1.0.4

  • Mozilla Firefox 1.0.5

  • Mozilla Firefox 1.0.6

  • Mozilla Firefox 1.0.7

  • Mozilla Firefox 1.0.8

  • Mozilla Firefox 1.5

  • Mozilla Firefox 1.5.0.1

  • Mozilla Firefox 1.5.0.10

  • Mozilla Firefox 1.5.0.11

  • Mozilla Firefox 1.5.0.12

  • Mozilla Firefox 1.5.0.2

  • Mozilla Firefox 1.5.0.3

  • Mozilla Firefox 1.5.0.4

  • Mozilla Firefox 1.5.0.5

  • Mozilla Firefox 1.5.0.6

  • Mozilla Firefox 1.5.0.7

  • Mozilla Firefox 1.5.0.8

  • Mozilla Firefox 1.5.0.9

  • Mozilla Firefox 2.0

  • Mozilla Firefox 2.0.0.1

  • Mozilla Firefox 2.0.0.10

  • Mozilla Firefox 2.0.0.11

  • Mozilla Firefox 2.0.0.12

  • Mozilla Firefox 2.0.0.13

  • Mozilla Firefox 2.0.0.14

  • Mozilla Firefox 2.0.0.15

  • Mozilla Firefox 2.0.0.16

  • Mozilla Firefox 2.0.0.17

  • Mozilla Firefox 2.0.0.18

  • Mozilla Firefox 2.0.0.19

  • Mozilla Firefox 2.0.0.2

  • Mozilla Firefox 2.0.0.20

  • Mozilla Firefox 2.0.0.3

  • Mozilla Firefox 2.0.0.4

  • Mozilla Firefox 2.0.0.5

  • Mozilla Firefox 2.0.0.6

  • Mozilla Firefox 2.0.0.7

  • Mozilla Firefox 2.0.0.8

  • Mozilla Firefox 2.0.0.9

  • Mozilla Firefox 3.0

  • Mozilla Firefox 3.0.1

  • Mozilla Firefox 3.0.2

  • Mozilla Firefox 3.0.3

  • Mozilla Firefox 3.0.4

  • Mozilla Firefox 3.0.5

  • Mozilla Firefox 3.0.6

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.14

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Thunderbird 2.0.0.0

  • Mozilla Thunderbird 2.0.0.12

  • Mozilla Thunderbird 2.0.0.14

  • Mozilla Thunderbird 2.0.0.16

  • Mozilla Thunderbird 2.0.0.17

  • Mozilla Thunderbird 2.0.0.18

  • Mozilla Thunderbird 2.0.0.19

  • Mozilla Thunderbird 2.0.0.20

  • Mozilla Thunderbird 2.0.0.4

  • Mozilla Thunderbird 2.0.0.5

  • Mozilla Thunderbird 2.0.0.6

  • Mozilla Thunderbird 2.0.0.9


References

FEDORA - FEDORA-2009-3101

FEDORA - FEDORA-2009-2884

FEDORA - FEDORA-2009-2882

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=414540

VUPEN - ADV-2009-0632

UBUNTU - USN-741-1

SECTRACK - 1021797

BID - 33990

REDHAT - RHSA-2009:0325

REDHAT - RHSA-2009:0315

REDHAT - RHSA-2009:0258

CONFIRM - http://www.mozilla.org/security/announce/2009/mfsa2009-09.html

MANDRIVA - MDVSA-2009:083

MANDRIVA - MDVSA-2009:075

DEBIAN - DSA-1830

DEBIAN - DSA-1751

CONFIRM - http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm

SLACKWARE - SSA:2009-083-03

SLACKWARE - SSA:2009-083-02

SECUNIA - 34527

SECUNIA - 34464

SECUNIA - 34462

SECUNIA - 34417

SECUNIA - 34387

SECUNIA - 34383

SECUNIA - 34324

SECUNIA - 34272

SECUNIA - 34145

SECUNIA - 34140

SECUNIA - 34137

SUSE - SUSE-SA:2009:023

SUSE - SUSE-SA:2009:012


Last Updated: 27 May 2016 10:50:22