CVE-2009-0358

NONECVSS 0.0

0.0

Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser, as demonstrated by reading the response page of an https POST request.

🔗 References (38)

secalert@redhathttp://blogs.imeta.co.uk/JDeabill/archive/2008/07/14/303.aspx
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-02/msg00001.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2009-0256.html
secalert@redhathttp://secunia.com/advisories/33799
secalert@redhathttp://secunia.com/advisories/33809
secalert@redhathttp://secunia.com/advisories/33831
secalert@redhathttp://secunia.com/advisories/33841
secalert@redhathttp://secunia.com/advisories/33846
secalert@redhathttp://secunia.com/advisories/33869
secalert@redhathttp://support.avaya.com/elmodocs2/security/ASA-2009-040.htm
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2009:044
secalert@redhathttp://www.mozilla.org/security/announce/2009/mfsa2009-06.html
secalert@redhathttp://www.securityfocus.com/bid/33598
secalert@redhathttp://www.securitytracker.com/id?1021667
secalert@redhathttp://www.ubuntu.com/usn/usn-717-1

Is Your Infrastructure Affected by CVE-2009-0358?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-0358

📅 Published

🔄 Last Modified

🔗 References (38)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-0358?