CVE-2009-1838

NONECVSS 0.0

0.0

The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted event handler, related to an incorrect context for this event handler.

🔗 References (72)

secalert@redhathttp://osvdb.org/55157
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2009-1096.html
secalert@redhathttp://secunia.com/advisories/35331
secalert@redhathttp://secunia.com/advisories/35415
secalert@redhathttp://secunia.com/advisories/35428
secalert@redhathttp://secunia.com/advisories/35431
secalert@redhathttp://secunia.com/advisories/35439
secalert@redhathttp://secunia.com/advisories/35440
secalert@redhathttp://secunia.com/advisories/35468
secalert@redhathttp://secunia.com/advisories/35536
secalert@redhathttp://secunia.com/advisories/35561
secalert@redhathttp://secunia.com/advisories/35602
secalert@redhathttp://secunia.com/advisories/35882
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.372468
secalert@redhathttp://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.425408

Is Your Infrastructure Affected by CVE-2009-1838?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1838

📅 Published

🔄 Last Modified

🔗 References (72)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1838?