CVE-2009-3983

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.

🔗 References (64)

• cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
• cve@mitrehttp://secunia.com/advisories/37699
• cve@mitrehttp://secunia.com/advisories/37703
• cve@mitrehttp://secunia.com/advisories/37704
• cve@mitrehttp://secunia.com/advisories/37785
• cve@mitrehttp://secunia.com/advisories/37813
• cve@mitrehttp://secunia.com/advisories/37856
• cve@mitrehttp://secunia.com/advisories/37881
• cve@mitrehttp://secunia.com/advisories/38977
• cve@mitrehttp://secunia.com/advisories/39001
• cve@mitrehttp://securitytracker.com/id?1023340
• cve@mitrehttp://securitytracker.com/id?1023341
• cve@mitrehttp://www.debian.org/security/2009/dsa-1956
• cve@mitrehttp://www.mozilla.org/security/announce/2009/mfsa2009-68.html
• cve@mitrehttp://www.novell.com/linux/security/advisories/2009_63_firefox.html