6.8
CVE-2009-3985
- EPSS 2.54%
- Veröffentlicht 17.12.2009 17:30:00
- Zuletzt bearbeitet 16.06.2026 23:12:46
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.54% | 0.829 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/37699
http://secunia.com/advisories/37785
http://secunia.com/advisories/37856
http://secunia.com/advisories/37881
http://www.novell.com/linux/security/advisories/2009_63_firefox.html
http://www.securityfocus.com/bid/37349
http://www.ubuntu.com/usn/USN-874-1
http://www.vupen.com/english/advisories/2009/3547
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00995.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01034.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01041.html
http://secunia.com/advisories/37704
http://secunia.com/advisories/37813
http://www.debian.org/security/2009/dsa-1956
http://www.ubuntu.com/usn/USN-873-1
https://rhn.redhat.com/errata/RHSA-2009-1674.html
http://securitytracker.com/id?1023342
http://securitytracker.com/id?1023343
http://www.mozilla.org/security/announce/2009/mfsa2009-69.html
http://www.securityfocus.com/bid/37370
https://bugzilla.mozilla.org/show_bug.cgi?id=514232
https://bugzilla.redhat.com/show_bug.cgi?id=546726
https://exchange.xforce.ibmcloud.com/vulnerabilities/54808
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8480
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9911