6.8

CVE-2009-3984

EPSS 2.58%
Veröffentlicht 17.12.2009 17:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 30

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version <= 3.0.15

Mozilla ≫ Firefox Version0.1

Mozilla ≫ Firefox Version0.2

Mozilla ≫ Firefox Version0.3

Mozilla ≫ Firefox Version0.4

Mozilla ≫ Firefox Version0.5

Mozilla ≫ Firefox Version0.6

Mozilla ≫ Firefox Version0.6.1

Mozilla ≫ Firefox Version0.7

Mozilla ≫ Firefox Version0.7.1

Mozilla ≫ Firefox Version0.8

Mozilla ≫ Firefox Version0.9

Mozilla ≫ Firefox Version0.9 Updaterc

Mozilla ≫ Firefox Version0.9.1

Mozilla ≫ Firefox Version0.9.2

Mozilla ≫ Firefox Version0.9.3

Mozilla ≫ Firefox Version0.10

Mozilla ≫ Firefox Version0.10.1

Mozilla ≫ Firefox Version1.0

Mozilla ≫ Firefox Version1.0 Updatepreview_release

Mozilla ≫ Firefox Version1.0.1

Mozilla ≫ Firefox Version1.0.2

Mozilla ≫ Firefox Version1.0.3

Mozilla ≫ Firefox Version1.0.4

Mozilla ≫ Firefox Version1.0.5

Mozilla ≫ Firefox Version1.0.6

Mozilla ≫ Firefox Version1.0.7

Mozilla ≫ Firefox Version1.0.8

Mozilla ≫ Firefox Version1.4.1

Mozilla ≫ Firefox Version1.5

Mozilla ≫ Firefox Version1.5 Updatebeta1

Mozilla ≫ Firefox Version1.5 Updatebeta2

Mozilla ≫ Firefox Version1.5.0.1

Mozilla ≫ Firefox Version1.5.0.2

Mozilla ≫ Firefox Version1.5.0.3

Mozilla ≫ Firefox Version1.5.0.4

Mozilla ≫ Firefox Version1.5.0.5

Mozilla ≫ Firefox Version1.5.0.6

Mozilla ≫ Firefox Version1.5.0.7

Mozilla ≫ Firefox Version1.5.0.8

Mozilla ≫ Firefox Version1.5.0.9

Mozilla ≫ Firefox Version1.5.0.10

Mozilla ≫ Firefox Version1.5.0.11

Mozilla ≫ Firefox Version1.5.0.12

Mozilla ≫ Firefox Version1.5.1

Mozilla ≫ Firefox Version1.5.2

Mozilla ≫ Firefox Version1.5.3

Mozilla ≫ Firefox Version1.5.4

Mozilla ≫ Firefox Version1.5.5

Mozilla ≫ Firefox Version1.5.6

Mozilla ≫ Firefox Version1.5.7

Mozilla ≫ Firefox Version1.5.8

Mozilla ≫ Firefox Version1.8

Mozilla ≫ Firefox Version2.0

Mozilla ≫ Firefox Version2.0 Updatebeta_1

Mozilla ≫ Firefox Version2.0 Updatebeta1

Mozilla ≫ Firefox Version2.0 Updaterc2

Mozilla ≫ Firefox Version2.0 Updaterc3

Mozilla ≫ Firefox Version2.0.0.1

Mozilla ≫ Firefox Version2.0.0.2

Mozilla ≫ Firefox Version2.0.0.3

Mozilla ≫ Firefox Version2.0.0.4

Mozilla ≫ Firefox Version2.0.0.5

Mozilla ≫ Firefox Version2.0.0.6

Mozilla ≫ Firefox Version2.0.0.7

Mozilla ≫ Firefox Version2.0.0.8

Mozilla ≫ Firefox Version2.0.0.9

Mozilla ≫ Firefox Version2.0.0.10

Mozilla ≫ Firefox Version2.0.0.11

Mozilla ≫ Firefox Version2.0.0.12

Mozilla ≫ Firefox Version2.0.0.13

Mozilla ≫ Firefox Version2.0.0.14

Mozilla ≫ Firefox Version2.0.0.15

Mozilla ≫ Firefox Version2.0.0.16

Mozilla ≫ Firefox Version2.0.0.17

Mozilla ≫ Firefox Version2.0.0.18

Mozilla ≫ Firefox Version2.0.0.19

Mozilla ≫ Firefox Version2.0.0.20

Mozilla ≫ Firefox Version2.0.0.21

Mozilla ≫ Firefox Version2.0_.1

Mozilla ≫ Firefox Version2.0_.4

Mozilla ≫ Firefox Version2.0_.5

Mozilla ≫ Firefox Version2.0_.6

Mozilla ≫ Firefox Version2.0_.7

Mozilla ≫ Firefox Version2.0_.9

Mozilla ≫ Firefox Version2.0_.10

Mozilla ≫ Firefox Version2.0_8

Mozilla ≫ Firefox Version3.0

Mozilla ≫ Firefox Version3.0 Updatealpha

Mozilla ≫ Firefox Version3.0 Updatebeta2

Mozilla ≫ Firefox Version3.0 Updatebeta5

Mozilla ≫ Firefox Version3.0.1

Mozilla ≫ Firefox Version3.0.2

Mozilla ≫ Firefox Version3.0.3

Mozilla ≫ Firefox Version3.0.4

Mozilla ≫ Firefox Version3.0.5

Mozilla ≫ Firefox Version3.0.6

Mozilla ≫ Firefox Version3.0.7

Mozilla ≫ Firefox Version3.0.8

Mozilla ≫ Firefox Version3.0.9

Mozilla ≫ Firefox Version3.0.10

Mozilla ≫ Firefox Version3.0.11

Mozilla ≫ Firefox Version3.0.12

Mozilla ≫ Firefox Version3.0.13

Mozilla ≫ Firefox Version3.0.14

Mozilla ≫ Firefox Version3.5.1

Mozilla ≫ Firefox Version3.5.2

Mozilla ≫ Firefox Version3.5.3

Mozilla ≫ Firefox Version3.5.4

Mozilla ≫ Firefox Version3.5.5

Mozilla ≫ Seamonkey Updaterc2 Version <= 2.0

Mozilla ≫ Seamonkey Version1.0

Mozilla ≫ Seamonkey Version1.0 Updatealpha

Mozilla ≫ Seamonkey Version1.0 Updatebeta

Mozilla ≫ Seamonkey Version1.0.1

Mozilla ≫ Seamonkey Version1.0.2

Mozilla ≫ Seamonkey Version1.0.3

Mozilla ≫ Seamonkey Version1.0.4

Mozilla ≫ Seamonkey Version1.0.5

Mozilla ≫ Seamonkey Version1.0.6

Mozilla ≫ Seamonkey Version1.0.7

Mozilla ≫ Seamonkey Version1.0.8

Mozilla ≫ Seamonkey Version1.0.9

Mozilla ≫ Seamonkey Version1.0.99

Mozilla ≫ Seamonkey Version1.1

Mozilla ≫ Seamonkey Version1.1 Updatealpha

Mozilla ≫ Seamonkey Version1.1 Updatebeta

Mozilla ≫ Seamonkey Version1.1.1

Mozilla ≫ Seamonkey Version1.1.2

Mozilla ≫ Seamonkey Version1.1.3

Mozilla ≫ Seamonkey Version1.1.4

Mozilla ≫ Seamonkey Version1.1.5

Mozilla ≫ Seamonkey Version1.1.6

Mozilla ≫ Seamonkey Version1.1.7

Mozilla ≫ Seamonkey Version1.1.8

Mozilla ≫ Seamonkey Version1.1.9

Mozilla ≫ Seamonkey Version1.1.10

Mozilla ≫ Seamonkey Version1.1.11

Mozilla ≫ Seamonkey Version1.1.12

Mozilla ≫ Seamonkey Version1.1.13

Mozilla ≫ Seamonkey Version1.1.14

Mozilla ≫ Seamonkey Version1.1.15

Mozilla ≫ Seamonkey Version1.1.16

Mozilla ≫ Seamonkey Version1.1.17

Mozilla ≫ Seamonkey Version1.5.0.8

Mozilla ≫ Seamonkey Version1.5.0.9

Mozilla ≫ Seamonkey Version1.5.0.10

Mozilla ≫ Seamonkey Version2.0

Mozilla ≫ Seamonkey Version2.0 Updatealpha_1

Mozilla ≫ Seamonkey Version2.0 Updatealpha_2

Mozilla ≫ Seamonkey Version2.0 Updatealpha_3

Mozilla ≫ Seamonkey Version2.0 Updatebeta_1

Mozilla ≫ Seamonkey Version2.0 Updatebeta_2

Mozilla ≫ Seamonkey Version2.0 Updaterc1

Mozilla ≫ Seamonkey Version2.0a1 Editionpre

Mozilla ≫ Seamonkey Version2.0a1pre

Mozilla ≫ Thunderbird

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.58%	0.842

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/37699

Vendor Advisory

http://secunia.com/advisories/37785

Vendor Advisory

http://secunia.com/advisories/37856

http://secunia.com/advisories/37881

http://www.novell.com/linux/security/advisories/2009_63_firefox.html

http://www.securityfocus.com/bid/37349

http://www.ubuntu.com/usn/USN-874-1

http://www.vupen.com/english/advisories/2009/3547

Patch

Vendor Advisory

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html

http://secunia.com/advisories/37703

Vendor Advisory

http://secunia.com/advisories/37704

Vendor Advisory

http://secunia.com/advisories/37813

http://www.debian.org/security/2009/dsa-1956

http://www.ubuntu.com/usn/USN-873-1

https://rhn.redhat.com/errata/RHSA-2009-1673.html

https://rhn.redhat.com/errata/RHSA-2009-1674.html

http://securitytracker.com/id?1023342

http://securitytracker.com/id?1023343

http://www.mozilla.org/security/announce/2009/mfsa2009-69.html

Patch

Vendor Advisory

http://www.securityfocus.com/bid/37367

https://bugzilla.mozilla.org/show_bug.cgi?id=521461

https://bugzilla.redhat.com/show_bug.cgi?id=546722

https://exchange.xforce.ibmcloud.com/vulnerabilities/54806

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8379

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9791

https://nvd.nist.gov/vuln/detail/CVE-2009-3984

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3984

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3984

EUVD