CVE-2009-3076
CVE-2009-3076
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/9651unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.mozilla.org/show_bug.cgi?id=326628https://bugzilla.mozilla.org/show_bug.cgi?id=509413http://secunia.com/advisories/36669http://secunia.com/advisories/36670http://secunia.com/advisories/36671http://secunia.com/advisories/36692http://secunia.com/advisories/37098https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6140https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9306http://www.debian.org/security/2009/dsa-1885http://www.mozilla.org/security/announce/2009/mfsa2009-48.htmlhttp://www.novell.com/linux/security/advisories/2009_48_firefox.html