CVE-2009-2472

NONECVSS 0.0

0.0

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."

🔗 References (36)

secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
secalert@redhathttp://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2009-1162.html
secalert@redhathttp://secunia.com/advisories/35914
secalert@redhathttp://secunia.com/advisories/35944
secalert@redhathttp://secunia.com/advisories/36005
secalert@redhathttp://secunia.com/advisories/36145
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-26-265068-1
secalert@redhathttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1020800.1-1
secalert@redhathttp://www.mozilla.org/security/announce/2009/mfsa2009-40.html
secalert@redhathttp://www.securityfocus.com/bid/35758
secalert@redhathttp://www.vupen.com/english/advisories/2009/1972
secalert@redhathttp://www.vupen.com/english/advisories/2009/2152
secalert@redhathttps://bugzilla.mozilla.org/show_bug.cgi?id=479288
secalert@redhathttps://bugzilla.mozilla.org/show_bug.cgi?id=481434

Is Your Infrastructure Affected by CVE-2009-2472?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-2472

📅 Published

🔄 Last Modified

🔗 References (36)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-2472?