CVE-2009-1307

NONECVSS 0.0

0.0

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; (2) read, create, or modify Local Shared Objects via a Flash file; or (3) bypass unspecified restrictions and render content via vectors involving a jar: URI.

🔗 References (76)

secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2009-0437.html
secalert@redhathttp://secunia.com/advisories/34758
secalert@redhathttp://secunia.com/advisories/34780
secalert@redhathttp://secunia.com/advisories/34843
secalert@redhathttp://secunia.com/advisories/34844
secalert@redhathttp://secunia.com/advisories/34894
secalert@redhathttp://secunia.com/advisories/35042
secalert@redhathttp://secunia.com/advisories/35065
secalert@redhathttp://secunia.com/advisories/35536
secalert@redhathttp://secunia.com/advisories/35561
secalert@redhathttp://secunia.com/advisories/35602
secalert@redhathttp://secunia.com/advisories/35882
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1

Is Your Infrastructure Affected by CVE-2009-1307?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1307

📅 Published

🔄 Last Modified

🔗 References (76)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1307?