CVE-2009-3987

NONECVSS 0.0

0.0

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive information about installed software by making multiple calls that specify the ProgID values of different COM objects.

🔗 References (24)

cve@mitrehttp://secunia.com/advisories/37699
cve@mitrehttp://secunia.com/advisories/37785
cve@mitrehttp://securitytracker.com/id?1023346
cve@mitrehttp://securitytracker.com/id?1023347
cve@mitrehttp://www.mozilla.org/security/announce/2009/mfsa2009-71.html
cve@mitrehttp://www.securityfocus.com/bid/37349
cve@mitrehttp://www.securityfocus.com/bid/37360
cve@mitrehttp://www.vupen.com/english/advisories/2009/3547
cve@mitrehttps://bugzilla.mozilla.org/show_bug.cgi?id=503451
cve@mitrehttps://bugzilla.redhat.com/show_bug.cgi?id=546729
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/54798
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7958
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37699
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37785
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023346

Is Your Infrastructure Affected by CVE-2009-3987?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-3987

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-3987?