CVE-2009-1834

Exploit

EPSS 15.05%
Veröffentlicht 12.06.2009 21:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whitespace, as demonstrated by the \u115A through \u115E characters.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 3.0.10

Mozilla ≫ Firefox Version0.1

Mozilla ≫ Firefox Version0.2

Mozilla ≫ Firefox Version0.3

Mozilla ≫ Firefox Version0.4

Mozilla ≫ Firefox Version0.5

Mozilla ≫ Firefox Version0.6

Mozilla ≫ Firefox Version0.6.1

Mozilla ≫ Firefox Version0.7

Mozilla ≫ Firefox Version0.7.1

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.9_rc

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0 Updatepreview_release

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Firefox Version1.0.4

Mozilla ≫ Firefox Version1.0.5

Mozilla ≫ Firefox Version1.0.6

Mozilla ≫ Firefox Version1.0.6 Editionlinux

Mozilla ≫ Firefox Version1.0.7

Mozilla ≫ Firefox Version1.0.8

Mozilla ≫ Firefox Version1.4.1

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5 Updatebeta1

Mozilla ≫ Firefox Version1.5 Updatebeta2

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Firefox Version1.5.0.5

Mozilla ≫ Firefox Version1.5.0.6

Mozilla ≫ Firefox Version1.5.0.7

Mozilla ≫ Firefox Version1.5.0.8

Mozilla ≫ Firefox Version1.5.0.9

Mozilla ≫ Firefox Version1.5.0.10

Mozilla ≫ Firefox Version1.5.0.11

Mozilla ≫ Firefox Version1.5.0.12

Mozilla ≫ Firefox Version1.5.1

Mozilla ≫ Firefox Version1.5.2

Mozilla ≫ Firefox Version1.5.3

Mozilla ≫ Firefox Version1.5.4

Mozilla ≫ Firefox Version1.5.5

Mozilla ≫ Firefox Version1.5.6

Mozilla ≫ Firefox Version1.5.7

Mozilla ≫ Firefox Version1.5.8

Mozilla ≫ Firefox Version1.8

Mozilla ≫ Firefox Version2.0

Mozilla ≫ Firefox Version2.0 Updatebeta_1

Mozilla ≫ Firefox Version2.0 Updatebeta1

Mozilla ≫ Firefox Version2.0 Updaterc2

Mozilla ≫ Firefox Version2.0 Updaterc3

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Firefox Version2.0.0.2

Mozilla ≫ Firefox Version2.0.0.3

Mozilla ≫ Firefox Version2.0.0.4

Mozilla ≫ Firefox Version2.0.0.5

Mozilla ≫ Firefox Version2.0.0.6

Mozilla ≫ Firefox Version2.0.0.7

Mozilla ≫ Firefox Version2.0.0.8

Mozilla ≫ Firefox Version2.0.0.9

Mozilla ≫ Firefox Version2.0.0.10

Mozilla ≫ Firefox Version2.0.0.11

Mozilla ≫ Firefox Version2.0.0.12

Mozilla ≫ Firefox Version2.0.0.13

Mozilla ≫ Firefox Version2.0.0.14

Mozilla ≫ Firefox Version2.0.0.15

Mozilla ≫ Firefox Version2.0.0.16

Mozilla ≫ Firefox Version2.0.0.17

Mozilla ≫ Firefox Version2.0.0.18

Mozilla ≫ Firefox Version2.0.0.19

Mozilla ≫ Firefox Version2.0.0.20

Mozilla ≫ Firefox Version2.0.0.21

Mozilla ≫ Firefox Version2.0_.1

Mozilla ≫ Firefox Version2.0_.4

Mozilla ≫ Firefox Version2.0_.5

Mozilla ≫ Firefox Version2.0_.6

Mozilla ≫ Firefox Version2.0_.7

Mozilla ≫ Firefox Version2.0_.9

Mozilla ≫ Firefox Version2.0_.10

Mozilla ≫ Firefox Version2.0_8

Mozilla ≫ Firefox Version3.0

Mozilla ≫ Firefox Version3.0 Updatealpha

Mozilla ≫ Firefox Version3.0 Updatebeta2

Mozilla ≫ Firefox Version3.0 Updatebeta5

Mozilla ≫ Firefox Version3.0.1

Mozilla ≫ Firefox Version3.0.2

Mozilla ≫ Firefox Version3.0.3

Mozilla ≫ Firefox Version3.0.4

Mozilla ≫ Firefox Version3.0.5

Mozilla ≫ Firefox Version3.0.6

Mozilla ≫ Firefox Version3.0.7

Mozilla ≫ Firefox Version3.0.8

Mozilla ≫ Firefox Version3.0.9

Mozilla ≫ Seamonkey Version <= 1.1.16

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Editionalpha

Mozilla ≫ Seamonkey Version1.0 Editionbeta

Mozilla ≫ Seamonkey Version1.0 Editiondev

Mozilla ≫ Seamonkey Version1.0 Updatealpha

Mozilla ≫ Seamonkey Version1.0 Updatebeta

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.3

Mozilla ≫ Seamonkey Version1.0.4

Mozilla ≫ Seamonkey Version1.0.6

Mozilla ≫ Seamonkey Version1.0.8

Mozilla ≫ Seamonkey Version1.0.9

Mozilla ≫ Seamonkey Version1.0.99

Mozilla ≫ Seamonkey Version1.1

Mozilla ≫ Seamonkey Version1.1 Updatealpha

Mozilla ≫ Seamonkey Version1.1 Updatebeta

Mozilla ≫ Seamonkey Version1.1.1

Mozilla ≫ Seamonkey Version1.1.3

Mozilla ≫ Seamonkey Version1.1.5

Mozilla ≫ Seamonkey Version1.1.5 Update1.1.10

Mozilla ≫ Seamonkey Version1.1.6

Mozilla ≫ Seamonkey Version1.1.7

Mozilla ≫ Seamonkey Version1.1.8

Mozilla ≫ Seamonkey Version1.1.9

Mozilla ≫ Seamonkey Version1.1.10

Mozilla ≫ Seamonkey Version1.1.11

Mozilla ≫ Seamonkey Version1.1.12

Mozilla ≫ Seamonkey Version1.1.13

Mozilla ≫ Seamonkey Version1.1.15

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	15.05%	0.94

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

http://secunia.com/advisories/35331

Vendor Advisory

http://secunia.com/advisories/35415

http://secunia.com/advisories/35431

Vendor Advisory

http://secunia.com/advisories/35439

Vendor Advisory

http://secunia.com/advisories/35468

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468

http://www.debian.org/security/2009/dsa-1820

http://www.securityfocus.com/bid/35326