CVE-2009-1839
CVE-2009-1839
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "file-URL-to-file-URL scripting" attack.
Productos afectados
n/a · n/aPoCs públicas encontradas — 1
exploitdbwww.exploit-db.com/exploits/10544no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://osvdb.org/55163https://bugzilla.mozilla.org/show_bug.cgi?id=479943https://bugzilla.redhat.com/show_bug.cgi?id=503581http://secunia.com/advisories/35331http://secunia.com/advisories/35415http://secunia.com/advisories/35431http://secunia.com/advisories/35468http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9256https://rhn.redhat.com/errata/RHSA-2009-1095.htmlhttp://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00574.html