9.3

CVE-2008-3837

Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MozillaFirefox Version < 2.0.0.17
MozillaFirefox Version >= 3.0 < 3.0.2
MozillaSeamonkey Version < 1.1.12
DebianDebian Linux Version4.0
CanonicalUbuntu Linux Version6.06 SwEditionlts
CanonicalUbuntu Linux Version7.04
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEditionlts
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.27% 0.868
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/33433
Third Party Advisory
http://www.debian.org/security/2009/dsa-1697
Third Party Advisory
http://secunia.com/advisories/34501
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1
Broken Link
http://www.vupen.com/english/advisories/2009/0977
Third Party Advisory
http://download.novell.com/Download?buildid=WZXONb-tqBw~
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00005.html
Third Party Advisory
http://secunia.com/advisories/31984
Third Party Advisory
http://secunia.com/advisories/31985
Third Party Advisory
http://secunia.com/advisories/32010
Third Party Advisory
http://secunia.com/advisories/32012
Third Party Advisory
http://secunia.com/advisories/32042
Third Party Advisory
http://secunia.com/advisories/32044
Third Party Advisory
http://secunia.com/advisories/32144
Third Party Advisory
http://secunia.com/advisories/32185
Third Party Advisory
http://secunia.com/advisories/32196
Third Party Advisory
http://secunia.com/advisories/32845
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.379422
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.405232
Third Party Advisory
http://www.debian.org/security/2008/dsa-1649
Third Party Advisory
http://www.debian.org/security/2008/dsa-1669
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2008:205
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2008-0882.html
Third Party Advisory
http://www.ubuntu.com/usn/usn-645-1
Third Party Advisory
http://www.ubuntu.com/usn/usn-645-2
Third Party Advisory
http://www.vupen.com/english/advisories/2008/2661
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01384.html
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01403.html
Third Party Advisory
http://www.securityfocus.com/bid/31346
Third Party Advisory
VDB Entry
http://secunia.com/advisories/31987
Third Party Advisory
http://secunia.com/advisories/32011
Third Party Advisory
http://secunia.com/advisories/32089
Third Party Advisory
http://secunia.com/advisories/32095
Third Party Advisory
http://secunia.com/advisories/32096
Third Party Advisory
http://www.mozilla.org/security/announce/2008/mfsa2008-40.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0879.html
Third Party Advisory
http://www.securitytracker.com/id?1020922
Third Party Advisory
VDB Entry
https://bugzilla.mozilla.org/show_bug.cgi?id=329385
Patch
Vendor Advisory
Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/45348
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9950
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg01335.html
Third Party Advisory